Incident Response Lead, Information Security
NPAworldwide Recruitment Network
Hong Kong

Why a Great Opportunity

A licensed virtual bank in Hong Kong

Job Description

Report to Chief Information Security Officer

Job Summary

bull; Work with a team of cybersecurity enthusiast.

bull; Hands-on experience with market leading security solutions.

bull; Fast moving fintech environment.

bull; To help driving and improving the Bank’s cyber incident response & security monitoring capabilities.


Anomalies activity and cyber incident detection

bull; Manage the anomalies activity detecting process.

bull; Assess the monitoring needs and define the monitoring scope and approach.

bull; Work closely with Security Operation Center to ensure that the monitoring process are effective.

bull; Oversight and monitor on the activities performed by the Security Operation Center.

bull; Monitor security events reported to ensure that all events are properly handled.

bull; Response to security events escalated from the Security Operation Center and work with the relevant parties to investigate and response when needed.

bull; Develop relevant information security metrics to monitor the bank’s information.

bull; security posture and translate it into meaningful insights for the senior management.

Cyber incident response and management

bull; Manage security incident and develop response plan and playbooks for various attacks and security events.

bull; Oversight and monitor security incidents to ensure that all incidents identified are managed according to the incident management procedure and response plans.

bull; Ensure escalation and reporting process are in place and followed.

bull; Perform analysis to assess incident impact and determine whether the involvement of external investigators or forensic analysis are required to support incident investigation.

bull; Work with external investigators on forensic analysis during cyber and information security incidents.

bull; Drive the bank’s regular incident response drills exercise in responding to cyber and information security incidents.

Threat monitoring and analysis

bull; Monitor threat intelligence from various sources to discover emerging cyber threats affecting the bank and customers.

bull; Perform threat analysis and to identify potential security controls or remediation and other security improvement in response to the threats.

bull; Perform threat hunting, leveraging available indicators of compromise, to identify potential threats that are lurking undetected.

bull; Threat intelligence sharing and to collaborate with 3rd parties and industry peers.

bull; Manage the threat and vulnerability management program.


bull; At least 8 years of experience in information & cyber security from either the banking and finance industry or security consulting with primary focus on Incident Response or Intrusion Detection.

  • bull; Solid understanding of incident response, threat modeling and common attack vectors, adversary tactics, techniques &
  • procedure, MITRE ATT&CK framework.

    bull; Hands on experience in using Splunk Enterprise Security, Analyzing security log & network traffic, Identifying and investigating security incidents.

    bull; Prior experience in malware analysis, virus exploitation and mitigation techniques, and digital forensic.

    bull; Understanding of network, desktop and server technologies, network intrusion methods, network containment, segregation techniques, IDS and IPS.

    bull; Degree holder major in Computer Science or related field.

    bull; Relevant certification in information security (e.g., CISSP, CISA or CISM etc.)


    Thank you for reporting this job!

    Your feedback will help us improve the quality of our services.

    通過點擊“繼續”,我允許neuvoo同意處理我的數據並向我發送電子郵件提醒,詳見neuvoo的 隱私政策 。我可以隨時撤回我的同意或退訂。