职位:  经理, 网络安全

Job Descriptions in English version is available / 只提供英文版本

Responsibilities:

• Develop and oversee the IT security architecture for the company's infrastructure and business application environment
• Formulate and review security architecture, policies, standards, and related processes
• Monitor internal and external compliance review activities (e.g., Critical Infrastructure Cybersecurity Law, ISO 27001, IEC62443), address identified deficiencies, and ensure remediation steps are taken
• Implement various cybersecurity-related projects
• Provide advisory services to assess security requirements and controls; enforce planned security control policies
• Develop and validate baseline security configurations for operating systems, applications, networking, and telecommunications equipment
• Conduct control and vulnerability assessments, monitor compliance reviews to identify control weaknesses, and recommend remedial actions
• Report to senior management on residual risks, vulnerabilities, and other security exposures, including misuse of information assets and noncompliance cases, if any
• Address negative audit findings reported by internal and external audits by collaborating with IT action owners and tracking remediation progress
• Research and assess new threats and security alerts, providing recommendations on solutions
• Possess hands-on skills to support the network, systems, and applications

Requirements:

• Over 8 years of IT working experience, with at least 4 years in the cybersecurity field
• Experience with vulnerability assessments, including scanning the environment and generating reports
• Deep understanding of networking protocols, operating systems, and cybersecurity technologies
• Preferred certification in Information Security disciplines such as CISM, CISA, or CISSP
• Experience with SIEM, SOAR, WAF, IDS/IPS, CyberArk, CloudStrike, EDR/XDR, DLP, CASB, ZTNA, Incident Response and recovery planning, and various related cybersecurity technologies. Knowledge of ISO 27001 series and IEC 62443
• Strong project management and implementation experience in cybersecurity
• Understanding of cloud well-architected framework and experience in implementing cloud security best practices
• Self-motivated and able to work independently
• Excellent problem-solving, analytical, communication, and interpersonal skills.
• Proficient in written and spoken English and Chinese

Interested parties please click "Apply now" or email your full resume stating the present & expected salaries to HR Department via hr@asiaworld-expo.com
Personal data collected will be used for recruitment-related purpose only.
HKIA Services Holdings Limited and its subsidiaries are equal opportunities employers.