Cyber Security Consultant
As ITCS continues to deliver and add value to our clients - we are hiring a Senior Security Engineer based in Hong Kong, to be part of an international IT Security team to engineer and support security solutions for one of our Investment Banking clients.
As a key member in the IT security team, you will be a contributor to the banks IT and Cyber security strategy and operations. The role requires good understanding of Information Security concepts, and hands on experience on managing information security tools like SIEM, DLP, Firewall, IDS, Web-proxy, end-point security, incident management, email security, application security as well as experience on cloud security would be preferred (MS Azure, AWS, O365 Security etc.)
- Provide third level support for the team’s existing security controls and tools, with primary focus on cloud solutions, AWS, O365, Sentinel, and CASB
- Review existing cloud solutions and provide recommendations for security improvements
- Engineer end-to-end solution and handover to operations for various IT Security initiatives on network security, encryption, cloud systems
- Design and deliver new strategic secure technology solutions with collaboration from business partners.
- Be the subject matter expert of Cloud Security tools.
- Monitor industry cyber threat feeds and news and conduct appropriate analysis and follow-up actions
- Coordinate with internal and external teams for security incident response
- Identify gaps from security incidents and recommend control improvement
- Develop and maintain standard operating procedures for event monitoring and incident response
- Perform Security review and risk assessment, Audits of infrastructure, systems, and applications. Provide suggestions for enhancements in security to meet security requirements.
- Form an effective working relationship with the team’s key stakeholders - IT Security team members, IT teams and business teams.
Skills and Experience:
- Strong understanding of security tools and techniques including O365, Firewall, IDS/IPS, SIEM, Log review, Endpoint Detection & Response (EDR), Application Whitelisting, Data leakage and Malware Analysis, Web-proxy
- 9+ years’ work experience in IT Security domain, preferably prior experience in a financial service industry
- In-depth understanding of Cloud Security principles and technologies (AWS, MS Azure, GCP, O365)
- Extensive theoretical and practical knowledge with Windows, Linux, and TCP/IP networking, database etc.
- Solid scripting experience on any of the following Python/Perl/Bash/Power Shell could be an advantage
- Hands-on experience on security incident response
- Up-to-date understanding of the latest threats, vulnerabilities, mitigation, and industry best practices
- Cryptography and key management knowledge, HSMs
- Industry Certifications and an educational background from Information Technology
- Ability to work and solve problems independently
- Good verbal and written communication skills
- Strong time management and organizational skills
- Diligent, follow through and attention to the detail approach
- Assertive, yet calm personality
- Project management
- People management
- Creative problem-solving skills
- Work experience in a regulated industry
Interested parties please send your application to our recruiter via email directly and quote the job reference number if any.