Industrial and Commercial Bank of China (Asia) Ltd

IT Manager, Security and Compliance Administration

Industrial and Commercial Bank of China (Asia) Ltd

Job Highlights

  • Plan, lead & manage IT Security, Cyber Security
  • Safety reinforcement for various systems
  • ECF-C certification: CISSP, CISA, CISM, CRISC, CEH

Job Responsibilities

  • Plan, lead and manage IT Security, Cyber Security protection
  • Responsible for safety reinforcement for various systems of the company
  • Conduct safety assessment tests (black box and white box) on the company's website and business system
  • Respond to company security incidents, clear back doors, and analyze attack paths according to logs
  • Carry out security technology research, including security prevention technology, hacker technology, etc.
  • Organize and implement regular vulnerability scanning, penetration testing, security drills, offensive and defense drills, etc.

Job Requirements

  • Bachelor Degree or above with one of the ECF-C certification: CISSP, CISA, CISM, CRISC, CEH
  • 5 years or above experience on Cyber security protection
  • Familiar with attack and defense technology, including SQL injection, XSS cross-site, CSRF forgery request, command execution and other security vulnerabilities and defense
  • Familiar with mainstream security tools, including Kali Linux, Metasploit, Nessus, Nmap, AWVS, Burp, Appscan, etc.
  • Familiar with Linux/Windows, Apache, Nginx, LAMP/LNMP, Oracle/MySQL
  • Deep understanding of network security, system security, application security, web security as a whole with certain code audit and vulnerability analysis and mining capabilities
  • Master at least one programming language C/JS/Python/PHP/Java/JS, etc.
  • Familiar with mainstrain IPS/WAF/UEBA/SIEM/Honeypot
  • Strong team spirit and sense of responsibility with good documentation and communication skills
  • Good command of spoken and written English and Chinese, including Putonghua