Assistant Manager, Technology Risk and Information Security
About Dah Sing Group
The Dah Sing Group is a leading financial services group in Hong Kong offering banking, insurance, financial and other related services through its growing network of over 70 branches in Hong Kong, Macau and Mainland China.
Our currency is caring, teamwork and progressiveness. We accept that everyone is unique and different in talent, but alike in the capacity for growth. Our task is to shape a culture that creates a sense of pride in achieving something beyond just a job, and an environment where you can be your true and authentic self, like at home.
Assist Senior Manager, Technology Risk and Information Security to ensure adequate and effective controls are in place. Responsibilities:
- Monitor network traffic through Intrusion Detection/Prevention System (IDS/IPS), audit trial to proactively identity indicators of compromise
- Perform maintenance and operation support for security devices such as firewall, IDS/IPS, and security related products
- Participle in developing, tuning and implementing threat detection analytics
- Implement and enforce the bank's IT security policies
- Responsible for the day-to-day security operation of the bank including access control configuration and review, administration of firewall rule review, user ID administration, reviewing IT incidents, security reporting, etc
- Implement cybersecurity monitoring framework
- Collect data on cybersecurity related risk, attacks, breaches and incidents, including external data and statistics as appropriate
- Investigate security incidents by gathering evidence and reviewing system logs / audit trials
- Provide operational support to system and network teams regarding security related matters
Candidates with less experience will also be considered.
- University graduate in Computer Science / Information Technology or equivalent
- Minimum 5 years of experience in IT field with at least 3 years of relevant work experience in information security / cybersecurity
- Banking exposure is essential
- CISSP certification is a must. Holding CISA and/or CCNA certifications are advantageous
- Experience in Microsoft Windows, AIX, Sun Solaris, Linux, CISCO router and switch, F5 ASM/APM/LTM, Checkpoint firewall, Juniper firewall, Trend Micro Deep Security, Splunk, Forcepoint Web Security Gateway, and ForeScout Network Access Control
- Experience in Windows PowerShell, UNIX shell script and Python
- Experience in performing vulnerability scanning, and penetration test
- Excellent command of written English
- Good communication and interpersonal skills
Please note that only shortlisted candidates will be notified.