As the leading financial advisory firm in Hong Kong, Convoy upholds its core values of Passion, Integrity and Professionalism in providing the best service to help customers investing in their future.
Due to our business expansion, we are looking for high calibre candidates to share our vision and venture our success.
- Support and maintain security tools including antivirus, endpoint encryption, PAM, NGFW, WAF, EDR, IDS/IPS, DLP, and SIEM.
- To administrate various types of information security systems and devices and work with IT teams to review audit logs and security alerts.
- Perform security incident verification and investigation and work with IT teams to resolve security incidents. Follow through with any issues reported and ensure they are resolved or mitigated in a timely manner.
- Work with internal parties and vendors to conduct penetration tests and vulnerability assessment scanning.
- Follow up with IT infrastructure teams to rectify vulnerabilities.
- Follow up with application development teams to ensure IT security best practice is catered throughout the system development and maintenance processes.
- Assist in the generation of various metrics, reports, review of remediation progress and compliance status.
- Support internal and external auditors and perform self-assessment in compliance with policy and regulatory requirements.
- Assist in security assessment and compliance check of third-party vendors.
- Assist in the development and maintain an information security awareness program·
- Coordinates the implementation of the other projects when necessary.
- Bachelor’s Degree in computer science, information system or related discipline.
- Minimum 5 years of total IT experience with 3 years in information security or compliance. Candidates with more experience will be considered for senior positions.
- Holder of an IT security certification CISSP or CISM or CISA or CEH is a definite asset.
- Experience in the financial or insurance industry is an advantage.
- Hands-on experience in Firewall, IDS/IPS, WAF, Anti-Virus / Anti-Spam, SIEM, PAM, MS Security products and protection for MS digital workplace family.
- Self-motivated, responsible, able to work independently.
- Fluency in both spoken/written English and Cantonese.