Send me more jobs like this

Sorry, This job is expired.


Keywords / Skills : testing, Firewall, Internet, code review, networking

4 - 9 years
Posted: 2017-12-26

Hong Kong
Security Analyst
Posted On
26th Dec 2017
Job Ref code
Job Description
  • Lead the threat assessment and patch management advisory operations via analysis of security intelligence feeds
  • Ensure business and IT patch management teams comply with defined SLAs for security patch deployment
  • Work with business and IT stakeholders to schedule and perform vulnerability scanning, classify and prioritise risks, and guide relevant stakeholders to ensure systems are secured
  • Lead the web scanning and automated code testing of in-house applications, and guide developers and IT colleagues on coding best practices and mitigations prior to production release to ensure that systems are resistant to known attack vectors, e.g. OWASP Top 10
  • Manage and work with developers and operations to mitigate and resolve IT-security related incident
  • Work with Project Manager to drive IS initiatives to evaluate, acquire and deploy new IS technologies and capabilities
  • Perform IS risk assessment for projects to ensure compliance to company IS policy, standards and practices
  • Work closely with IT development and architecture teams to build up secure design and programming practices
  • 4+ years of experience in the information security area in conducting IS risk assessments
  • Preferably with additional IT / information security related qualifications, e.g. CEH, CSEC, CISSP, CISA, CISM, CGEIT
  • Experience with large-scale IT infrastructure and operations, esp. security operations and incident response
  • Experienced with information security project management
  • Strong in threat and vulnerability management tools and techniques, esp. vulnerability scanning, patch management and penetration testing
  • Experience with secure coding practices, source code review, and Internet threat vectors, e.g. the OWASP top 10
  • Knowledge of secure networking infrastructure, Firewall, IDS/IPS, WAF, Secure MTA, Load Balancer, Internet Proxy and End-Point security
  • Working knowledge in ISO27000 or regulatory compliance standard
  • China working experience would be an advantage

If you would like to apply for this role or find out more, please contact Evan Chin on (852) 2177 7577 or

About Company

Grey Anderson is a specialist recruitment consultancy dedicated in Information Technology, Sales & Marketing and General Management. We provide the highest level of professional service to meet your recruitment needs and to achieve your business goal in the ever-changing business environment.

At Grey Anderson, we strive to exceed your expectations at all times with our strong network and expertise in the industries. Whether you are looking for a permanent or contract position, we will always be able to identify the best-suited candidate to add to the success of your business. Our recruitment services cover industries including Information Technology, Telecommunication, Luxury Goods, Consumer Products, FMCG, Media, Supply Chain, Healthcare, Tourism, Property, Financial Services, Professional Services, Consultancy as well as Utilities spreading over across Asia Pacific.
We appreciate not only the business with you, but also the business that you are running. We value not only the long-term partnership with you, but also your relationship with your people. We believe not only in placing the best and brightest talent, but also the opportunities they bring to help you achieve your goals and succeed in the market.