Senior Officer/Manager, Cyber Security

Fusion Bank Limited (“Fusion Bank”) is a licensed virtual bank in Hong Kong and a joint venture between Tencent Holdings Limited, Industrial and Commercial Bank of China (Asia) Limited, Hong Kong Exchanges and Clearing Limited, Hillhouse Capital and renowned Hong Kong entrepreneur Mr. Adrian Cheng (invested via investment entity – Perfect Ridge Limited), each bringing unique expertise, experience and insight to the partnership.  Key Objectives: Cybersecurity team provides IT security services

Fusion Bank Limited - Hong Kong - Full time

Salary: Competitive

Fusion Bank Limited (“Fusion Bank”) is a licensed virtual bank in Hong Kong and a joint venture between Tencent Holdings Limited, Industrial and Commercial Bank of China (Asia) Limited, Hong Kong Exchanges and Clearing Limited, Hillhouse Capital and renowned Hong Kong entrepreneur Mr. Adrian Cheng (invested via investment entity – Perfect Ridge Limited), each bringing unique expertise, experience and insight to the partnership. 

Key Objectives: Cybersecurity team provides IT security services that include cyber security tool operations and lifecycle management, cyber security control design and review, cyber incident monitoring and responding. The paramount responsibility is to manage the cyber security defenses of the Bank, ensure any cyber security threat is addressed, and any cyber security attack process is handled.

Responsibilities: 

  • Implement and enforce the banks IT security policies.
  • Responsible for the day-to-day security operation of the bank including access control configuration, reviewing program change requests, reviewing IT incidents, security reporting and etc.
  • Implement cybersecurity monitoring framework.
  • Collect data on cybersecurity related risk, attacks, breaches and incidents, including external data and statistics as appropriate.
  • Investigate security incidents by gathering evidence and reviewing system logs / audit trails
  • Provide operational support to systems and network teams regarding security related matters.
  • Monitor network traffic through implemented security tools to proactively identify indicators of compromise (e.g. Host based IDS/IPS, network based IDS/IPS, firewall logs, application logs).
  • Perform maintenance and operation support for security devices such as firewall, IPS / IDS, VPN, anti-virus and encryption services.
  • Participate in developing, tuning and implementing threat detection analytics.
  • Define cybersecurity requirements as a subset of general information security requirements.
  • Implement cybersecurity control mechanisms which are consistent with the banks risk strategy.
  • Implement general IT risk and control mechanism such as access controls, program change / development controls and IT operations controls.
  • Manage information systems security operations, including security operations performance.
  • Define appropriate framework for cybersecurity monitoring (including monitoring requirements, indicators, datasets, collection and analytical methods).
  • Analyze cybersecurity incidents and make recommendations on remediation actions.
  • Analyze cybersecurity incidents and make recommendations on remediation actions.
  • Implement corrective action plans to address process and control deficiencies identified by the second and third line of defense.
  • Plan and design security architectures and implement different security solutions to safeguard the banks network and systems.
  • Research security standards, security systems and authentication protocols.
  • Develop technical requirements and controls for network, system and data security.
  • Provide technical guidance to the systems and network team regarding security configurations.
  • Perform risk analyses on existing security infrastructure and implement security enhancements.
  • Implement systems and procedures to enable digital forensics capabilities.

Requirements:

  • Degree holder in Information Technology or related discipline.
  • Holder of HKMA ECF-C recognized certificate at core level.
  • Minimum 2 years of relevant experience in Cybersecurity.
  • Sound understanding of Information Technology Risk Management and Cybersecurity.
  • Sound knowledge of technical infrastructure and security architecture.
  • Good communication and interpersonal skills.
  • Able to work under pressure and willing to work overtime.
  • Strong problem-solving skill and analytical mind set.
  • Good command of written and spoken English and Mandarin.

 

To apply, please submit your CV with information on your 1) expected salary and 2) availability via the "Apply Now" button. Applicants who are not contacted within one month may consider their applications for the specified position unsuccessful.
All information provided by applicants will be used only for recruitment purposes and will be used strictly in accordance with the Bank's personal data policies, a copy of which may be obtained by the applicant upon request. Unless otherwise instructed in writing by the applicant concerned, applicants may be considered for other suitable positions within the Bank. The personal data of unsuccessful job applicants may be retained for a maximum of two years from the date when the job application is rejected and such data may be retained for a longer period if there is a subsisting reason that obliges the Bank to do so, after which the personal data will be destroyed.

Apply
22201062

OTHER ASIAXPAT SITES:

Ad