Grey Anderson Limited
Hong Kong
4 - 8 Years
Not Specified

Job Description

Job Description :

  • Work closely with PM to conduct small- to mid- information security initiatives for evaluating, acquiring and deploying new information security technologies and capabilities
  • Work with various stakeholders to design, implement and update a network vulnerability scanning system, and prioritize risks
  • Conduct the penetration test and co-work with other parties for defining the scope which the pen-tester have to operate e.g testbed scheduling, testing tool and white box testing arrangement
  • Provide technical support in security log, feeds and raw source into SIEM for data security analytics.
  • Streamline the duration of pen-testing and ensure the completeness and tracking the findings and rectification schedule
  • Perform information security risk assessment and technical advisory for assigned project areas
  • Conduct technical study of Information Security initiatives and provide technical suggestion and recommendation in design, development and system integration.
  • Assist to solve technical problems to provide an efficient environment for project implementation
  • With bachelor’s degree with strong technical background, best with Information Technology, security, application development or relevant discipline
  • With at least 4 to 8 years’ experience working in technical IT roles, and with around 3 years’ hands-on experience in enterprise security infrastructure, Information security risk assessments or testing
  • Certification holder like : CISSP, CISA or CREST relevant certification will be a plus
  • Hands on experience with vulnerability assessments
  • Experience in performing analysis with Security Data Analytics technology like UEBA, SIEM, ELK, SOAR
  • Solid understanding in networking protocols, operating systems and cyber security concepts and technologies
  • Able to implement the vulnerabilities scanning to different network segment and prevention by existing security controls. Best with experience in automating the process
  • Able to identify weakness in SOC monitoring capability by mapping detection rules, e.g. SIEM use cases, Carbon Black watch lists, Darktrace models, AD monitoring and Firewall policy
  • Knowledge of incident response methodologies, security issues, vulnerabilities, exploits and security standards that may impact information security
  • Hands-on experiences to PC endpoint whitelisting, Web Isolation and/or MSS handling is a plus
  • With experience, good working knowledge of Windows, Linux, OSX and mobile operating systems
  • Strong writing, communication and presentation skills
  • Well organization skills and be able to closely follow up per check point on implementation timeline.

Similar Jobs

People Also Considered

Career Advice to Find Better