Why a Great Opportunity
A licensed virtual bank in Hong Kong
Report to Chief Information Security Officer
• Work with a team of cybersecurity enthusiasts.
• Hands-on experience with market-leading security solutions.
• Fast-moving fintech environment.
• Help drive and improve the Bank’s cyber incident response and security monitoring capabilities.
Anomalous activity and cyber incident detection
• Manage the anomalous activity detection process.
• Assess the monitoring needs and define the monitoring scope and approach.
• Work closely with the Security Operation Center to ensure that the monitoring processes are effective.
• Oversee and monitor the activities performed by the Security Operation Center.
• Monitor reported security events to ensure that all events are properly handled.
• Respond to security events escalated from the Security Operation Center and work with the relevant parties to investigate and respond when needed.
• Develop relevant information security metrics to monitor the bank’s information security posture and translate it into meaningful insights for senior management.
Cyber incident response and management
• Manage security incidents and develop response plans and playbooks for various attacks and security events.
• Oversee and monitor security incidents to ensure that all incidents identified are managed according to the incident management procedure and response plans.
• Ensure escalation and reporting processes are in place and followed.
• Perform analysis to assess incident impact and determine whether the involvement of external investigators or forensic analysis is required to support incident investigation.
• Work with external investigators on forensic analysis during cyber and information security incidents.
• Drive the bank’s regular incident response drills for responding to cyber and information security incidents.
Threat monitoring and analysis
• Monitor threat intelligence from various sources to discover emerging cyber threats affecting the bank and customers.
• Perform threat analysis to identify potential security controls, remediation and other security improvements in response to the threats.
• Perform threat hunting, leveraging available indicators of compromise, to identify potential threats that are lurking undetected.
• Share threat intelligence and collaborate with third parties and industry peers.
• Manage the threat and vulnerability management program.
• At least 8 years of experience in information and cyber security in either the banking and finance industry or security consulting, with a primary focus on Incident Response or Intrusion Detection.
procedure, MITRE ATT&CK framework.
• Hands-on experience using Splunk Enterprise Security, analyzing security logs and network traffic, and identifying and investigating security incidents.
• Prior experience in malware analysis, virus exploitation and mitigation techniques, and digital forensics.
• Understanding of network, desktop and server technologies, network intrusion methods, network containment, segregation techniques, IDS and IPS.
• Degree holder majoring in Computer Science or a related field.
• Relevant certification in information security (e.g., CISSP, CISA or CISM).