Responsibilities :
● Analyze and prioritize vulnerabilities based on severity, potential impact and business risk, and collaborate with relevant teams to implement effective mitigation strategies.
● Provide strategic guidance, insights, and direction on technological, cybersecurity, and policy-related topics.
● Lead and participate in the development, implementation, and continuous improvement of incident response procedures, and processes.
● Collaborate with other teams at multiple geographic locations to investigate and document security incidents, root causes, and recommend remediation actions.
● Planning and appraising ongoing assessment of antivirus, application control, firewall, SIEM, VPN, SSL, intrusion detection or intrusion prevention and other network component policies.
● Managing and configuring security systems such as firewalls, intrusion detection and prevention systems, anti-virus software, and other security-related software and hardware.
● Monitoring systems, servers, and networks to detect and respond to potential security threats or suspicious activities.
● Developing and implementing security policies and procedures that ensure the organization’s data
and systems are protected against cyber threats.
● Conduct regular vulnerability assessments and penetration testing to identify potential security
weaknesses and risks to make improvements in the organization’s security.
● Report all security incidents to the home office and work with corporate IT on response and resolution strategy.
● Contribute to the development and execution of security awareness training programs for employees to enhance security awareness and best practices.
● Stay up to date with the latest cybersecurity threats, attack techniques and incident response strategies.
Requirements :
● Bachelor’s degree in computer science, information technology, or equivalent experience.
● 5+ Years of experience in a cyber or information security management role.
● Strong knowledge of the latest cybersecurity threats, trends, modern cybersecurity concepts, and technologies (zero trust, CIS Controls, OWASP, MITRE ATT&CK, XDR, CloudSec, AppSec, NIST, ITIL, Azure Well Architected Framework, etc).
● Experience in domains of Cyber Security Operations, Incident Response, Forensic Investigation, Threat Intelligence, or Vulnerability Management preferred.
● Ability to manage and configure security systems, monitor network traffic and system logs, conduct regular security assessments and respond to security incidents.
● Demonstrated understanding of business processes, IT risk management, and related standards.
● Proficiency in utilizing industry-standard tools for vulnerability scanning, assessment, and penetration testing.
● Excellent problem-solving skills and the ability to think critically under pressure.
● Effective communication and interpersonal skills, with the ability to collaborate across teams and convey technical concepts to non-technical stakeholders.
● Proven track record of staying current with evolving cybersecurity threats and best practices.
● Exceptional planning and organizational skills, and excellent written and oral communication.
● Self-starter with initiative and the ability to effectively prioritize and execute tasks with direction from corporate headquarters.
● Professional information security certification preferred, such as:
○ CompTIA Security+
○ Certified Information Systems Security Professional (CISSP)
○ Certified Information Systems Auditor (CISA)
○ Certified Information Security Manager (CISM)
Location: East area
HOW TO APPLY :
Interested candidates, please submit your resume by clicking on “Apply Now” or aliceyap(a)hkmsvs.com
All applications will be treated in the strictest confidence and only shortlisted candidates will be notified
Yap Lay Choo
EA Licence No. 03C5391 | Registration No. R1987101
