Grey Anderson Limited
Hong Kong
4 - 8 Years
Not Specified

Job Description


  • Responsible for delivering the IT security solutions with Technical Managers
  • Responsible for evaluating, acquiring and deploying new information security technologies
  • Work with different stakeholders to design, implement and update a network vulnerability scanning systems for different departments to ensure that systems and services that are either developed inhouse or acquired commercially are secured against known attack vectors and prevalent threats
  • Work closely with SME and application teams to define the scope within which the pen-tester must operate, testbed scheduling, testing tool and white box testing arrangement to shorten the pen testing duration and ensure the completeness and tracking the findings and rectification schedule for delivering a complete penetration test life cycle process
  • Provide support in security log, feeds, and raw source into SIEM for data security analytics
  • Perform information security risk assessment and technical advisory
  • Responsible for conducting technical study of information security initiatives and provide appropriate technical suggestion and recommendation to design, development and system integration
  • Bachelor degree holder with strong technical background, in information technology, security or related discipline
  • With around 4-8 years experience working in technical IT roles, and with at least 2-3 years hands on experience in security infrastructure, IS risk assessments or testing
  • With CISSP, CISA, CREST or relevant certification is a plus
  • Hands on experience in PC endpoint whitelisting, web isolation and/or MSS handling
  • With hands on experience in conducting vulnerability assessments
  • With experience in analysis performing, using Security Data Analytic technology e.g. SIEM, UEBA, ELK, SOAR
  • With good communication skills in promoting security awareness and adoption of security standards and practices to users
  • Ability to implement the vulnerabilities scanning to different network segment and prevention by existing security controls. With experience in automating the process is a plus
  • Ability to identify gaps/ weaknesses in SOC monitoring capability by mapping detection rules
  • With solid knowledge of networks and systems protocols
  • Knowledge of incident response methodologies, security issues, vulnerabilities, and security standards

Grey Anderson Limited

Similar Jobs

People Also Considered

Career Advice to Find Better