INFORMATION TECHNOLOGY SERVICES OFFICE
[Appointment period: each for twelve months]
The appointees will be required to work in the Information Security team to:
(a) act as the first responder to handle/provide support on security anomalies detected by the Splunk Infrastructure Platform and enquiries on the use of this platform;
(b) perform daily cyber surveillance to identify any potential security incidents of the University;
(c) provide system and web vulnerability assessment service to all user departments and perform quality assurance on the assessment reports to eliminate false positives before releasing the reports to departments;
(d) monitor the system healthiness of Security Information & Event Management Platform, Web application firewall, vulnerability scanner platform and forensic platform and the recommended remedial actions for security flaws identified in vulnerability assessment;
(e) develop automated scripts/programme to streamline the process/procedures in daily security operation;
(f) perform troubleshooting and provide technical support for information security solutions/infrastructure;
(g) conduct research on the development of new technology in the aspect of information security and develop corresponding best practices for administrators’ reference;
(h) handle and investigate information security incidents and events to protect corporate IT assets on a 7x24 on-call basis;
(i) provide after-office-hour standby/emergency support duties as and when required; and
(j) perform any other duties as assigned by the Director of the Office or his/her delegates.
(a) have a recognised degree in Computer Science, Information Technology or a related discipline;
(b) have strong analytical skills, good interpersonal and communication skills; and
(c) be able to communicate effectively in both written and spoken English and Chinese.
Preference will be given to those who have:
(a) two years of relevant working experience in the Information Technology service industry, especially in administration support for various OS platforms (UNIX, Linux and Windows) and server virtualization platform (e.g. VMWare and MS Hyper-V platform);
(b) working experience in vulnerability management, security incident response and investigation, system and application penetration testing, security device administration and database security;
(c) working experience in conducting application vulnerability assessment for web applications developed with PHP, open source web content management systems (e.g. Joomla, Drupal and Wordpress) and open source database (e.g. MySQL) and managing security information and event management solution; and
(d) professional credentials in relevant system administration and security disciplines (e.g. CCNA, MCITP, CCSA, VCP. CISSP, CISA or CEH).
A highly competitive remuneration package will be offered. Applicants should state their current and expected salary in the application.
Please send a completed application form to Human Resources Office, 13/F, Li Ka Shing Tower, The Hong Kong Polytechnic University, Hung Hom, Kowloon, Hong Kong or via email to firstname.lastname@example.org. Application forms can be obtained via the above channels or downloaded from http://www.polyu.edu.hk/hro/job/en/guide_forms/forms.php. If a separate curriculum vitae is to be provided, please still complete the application form which will help speed up the recruitment process. The closing date for application is Saturday, 7 July 2018. Applicants who are not invited to an interview within two months from the closing date should consider their applications unsuccessful. The University’s Personal Information Collection Statement for recruitment can be found at http://www.polyu.edu.hk/hro/job/en/guide_forms/pics.php.