Multiple openings around IT Security Space. Click "Apply" if you are interested in any of the below roles.
Responsibilities:
IT Security Governance Analyst
- Support the IT Security Governance team in strengthening oversight of technology and cybersecurity risks to facilitate rapid Fintech initiatives.
- Participate in developing security standards and guidelines for emerging technologies and IT solutions.
- Assist in monitoring and reporting Key Risk Indicators (KRIs) to identify potential security vulnerabilities.
- Review technology deviations, assess third-party risks, and assist in independent assessments for critical IT projects.
- Oversee remediation actions for audits and regulatory reviews, ensuring effective implementation of cybersecurity initiatives and security monitoring.
Cyber threst intelligence specialist
- Serve as the specialist for cyber intelligence, providing stakeholders with timely updates on the threat landscape and enhancing their situational awareness of cyber risks.
- Liaise with global and local industry peers and government cybersecurity organizations (e.g., HKCERT) to share intelligence and best practices.
- Lead the Cyber Intelligence Team in leveraging intelligence sources and tools to produce sector-specific, actionable threat and vulnerability insights.
- Coordinate cyber intelligence resources, including tools and human sources, while advising IT and Operational Technology staff on emerging threats.
- Develop cyber threat profiles and analyze attacker tactics to inform Group Security and senior management, aiding in risk assessment and strategy adjustment.
IT Security Analyst
- Assist in planning, executing, and monitoring security tasks to ensure alignment with security objectives and compliance standards.
- Support the rollout and management of the Security program, integrating security measures into all relevant processes.
- Facilitate effective communication and collaboration with consultants, IT, and development teams on security initiatives and project deliverables.
- Maintain up-to-date documentation of project progress and security policies, and prepare regular reports on security metrics and compliance for stakeholders.
- Help identify security risks and vulnerabilities, develop mitigation strategies, and contribute to security training and awareness programs to foster a security-conscious culture.
Requirements:
- Possess a bachelor's or master's degree in Computer Science, Information Technology, Cybersecurity, or a related field, along with relevant professional cybersecurity certifications (e.g., CISM, CISA, CISSP).
- Have a minimum of 2-3 years of experience in IT security or related audits, with familiarity in security frameworks, compliance standards, and a strong understanding of cyber threats and vulnerabilities.
- Demonstrate strong analytical thinking and problem-solving skills, along with a commitment to continuous improvement and effective resource management.
- Exhibit excellent communication and interpersonal skills, capable of collaborating with diverse teams and articulating complex ideas clearly in both English and Chinese.
- Experience in project support within a security or IT environment, with proven organizational skills to manage multiple tasks, and a preference for familiarity with Data Leakage Prevention, Privileged Access Management, and secure software development practices.
