Technology Risk Manager (Cyber Security Control Division)
职位编号: 499291
聘用性质: 全职
部门: 资讯科技部
工作类别: 资讯科技
Roles and Responsibilities & Specific Requirements (Cyber Security):
- Provide Cyber Security incident response operation and support.
- Experience in arrangement and co-ordination of cross-countries cyber incident response drills.
- Experience in Security operations, managing SOC, Offensive security, Container security, Threat Hunting, OSINT, Darkweb monitoring, Malware analysis, DevSecOps , Digital forensics and Attack Surface Management.
- Research and evaluate on latest security threats and Cyber Threat Intelligence.
- Participate in Red & Purple Teaming exercises and relevant validation controls.
- Familiar with technologies on Firewall, IDS, IPS, WAF, SIEM, SOAR, DLP, UEBA, BAS, XDR, Deception and Network/Cloud Infrastructure are preferable.
General Job Requirements:
- Degree holder in Computer Science or other degree majoring in Information Systems, or related discipline.
- Over 5 years of experience in IT security, technology risk management, compliance or IT audit function, gained from other sizable financial institutions
- Holding at least one recognized professional qualification under HKMA enhanced competency framework such as CISA, CISSP, CRISC. Industry-recognized cyber security certifications ,such as OSCP/OSCE/OSWE/OSEE/GXPN/GPEN/GCPN/GCIH/GCFA/OSDA, is preferable
- Familiar with HKMA TM-E-1, TM-G-1, PCI-DSS, ISO 2700-series or other security risk management framework is an advantage
- Good command of written and spoken English with Mandarin is preferable and
- Good communication and interpersonal skills.
返回搜索结果 立即申请 介绍予朋友