Posted on 2021-10-11

IT Security Manager / Assistant Manager (HKD 40k - 65k+ / mth)

Aacurapid (Hong Kong) Ltd

Responsibilities:

  • Develop and sustain cyber risk/ IT security management policies and processes across systems and information
  • Develop, maintain and execute a multi-year enterprise-wide security roadmap
  • Ensure cyber risk/ IT security management aligned to departmental objectives
  • Lead and perform application and infrastructure vulnerability assessment and penetration tests on different platforms and technologies
  • Conduct source code review to identify software program vulnerabilities and detect malware or malicious embedded code
  • Conduct social engineering and email phishing attacks to simulate the theft of passwords, infiltrate systems, and download malware / ransomware
  • Review and analyse security vulnerabilities to identify false positives
  • Prepare reports on identified security vulnerabilities and possible recommendations to remediate the vulnerabilities.
  • Assist in continuously enhancing the existing penetration testing methodologies
  • Remain up-to-date on the latest cybersecurity threats, vulnerabilities and regulatory requirements

Requirements:

  • 8 – 10 years in Cyber security, governance and risk initiatives with knowledge of relevant cyber security standards, frameworks and risk assessment methodologies e.g. ISO27001, NIST etc.
  • Understand the OWASP testing methodology and have knowledge of penetration testing tools
  • Strong knowledge base in enterprise technologies and operations, enterprise networking, internet application security, database security evaluation and architecture
  • Hands-on experience with EDR, Advanced Threat Protection, IAM, Network Architectures, Data Encryption, Windows 10 security.
  • Strong understanding experience with OWASP Top 10, CWE/SANS Top 25, WASC, SaaS/PaaS/IaaS security
  • Experience of Cyber Security controls testing strategy and execution.
  • Certifications like CISSP/CCSP etc. would be advantage.
  • LESS experience would also be considered as Security Analyst role 
All applications applied through our system will be delivered directly to the advertiser and privacy of personal data of the applicant will be ensured with security.
More job information
Salary
Job Function
Industry
Employment Term
  • Permanent
  • Full-time
Experience
  • 8 years
Career Level
  • Middle management level
Education
  • Degree
Benefits
  • 5-day week
  • Discretionary bonus
  • Medical plan