Job Description
47 days ago
The Cyber Security and Cloud Platforms Department protects the Club's information, information systems, network infrastructure, and cloud platforms. It establishes governance and formulates cyber security procedures to ensure consistent Club-wide safeguards and conformance to regulations. The team works to protect the reputation and operational resiliency of The Hong Kong Jockey Club.
Key responsibilities include:
• Performing threat assessment and patch management advisory operations via analysis of open and commercial security intelligence feeds.
• Collaborating with IT infrastructure, network operations teams, and other IT stakeholders to review and assess new set ups, changes, and upgrades to the organisation's network infrastructure and network components.
• Performing vulnerability scanning across the Club's technology landscape and working with key stakeholders to identify, govern, and mitigate identified vulnerabilities.
• Working with assigned Project Manager to drive small- to mid-size IS initiatives to evaluate, acquire, and deploy new IS technologies and capabilities.
• Conducting web scanning and automated code testing of in-house applications, and guiding developers and IT colleagues on coding best practices and mitigations.
• Supporting the closure of key cyber security threats and vulnerabilities.
• Participating in a diverse and inclusive culture with trust and respect, and contributing to cross-team/division/department efforts.
Requirements include:
• University Degree in computer science, engineering, or related discipline.
• Minimum of 5 years practical experience in IT Security Operations, Network infrastructure in a corporate environment with large-scale transaction websites and complex IT infrastructures.
• Cybersecurity certification such as GCIH, GSOC, CISSP, CISA, CISM, OSCP, MITRE ATT&CK Defender, or similar.
• Experience in Threat and Vulnerability Management.
• Technical background, particularly in web application development, infrastructure & networking.
• Excellent inter-personal skills.
• Ability to communicate technical topics to management and non-technical audiences.
• Strong analytical, problem-solving, and documentation skills.
• Expertise in security testing, threat and vulnerability management tools and techniques.
• Deep knowledge of secure networking infrastructure, Firewall, IDS/IPS, WAF, Secure MTA, Load Balancer, Internet Proxy, and End-Point security.
• Working knowledge of security data analytics and incident handling.
• Working knowledge in ISO27001/2 or regulatory compliance standard.
Key responsibilities include:
• Performing threat assessment and patch management advisory operations via analysis of open and commercial security intelligence feeds.
• Collaborating with IT infrastructure, network operations teams, and other IT stakeholders to review and assess new set ups, changes, and upgrades to the organisation's network infrastructure and network components.
• Performing vulnerability scanning across the Club's technology landscape and working with key stakeholders to identify, govern, and mitigate identified vulnerabilities.
• Working with assigned Project Manager to drive small- to mid-size IS initiatives to evaluate, acquire, and deploy new IS technologies and capabilities.
• Conducting web scanning and automated code testing of in-house applications, and guiding developers and IT colleagues on coding best practices and mitigations.
• Supporting the closure of key cyber security threats and vulnerabilities.
• Participating in a diverse and inclusive culture with trust and respect, and contributing to cross-team/division/department efforts.
Requirements include:
• University Degree in computer science, engineering, or related discipline.
• Minimum of 5 years practical experience in IT Security Operations, Network infrastructure in a corporate environment with large-scale transaction websites and complex IT infrastructures.
• Cybersecurity certification such as GCIH, GSOC, CISSP, CISA, CISM, OSCP, MITRE ATT&CK Defender, or similar.
• Experience in Threat and Vulnerability Management.
• Technical background, particularly in web application development, infrastructure & networking.
• Excellent inter-personal skills.
• Ability to communicate technical topics to management and non-technical audiences.
• Strong analytical, problem-solving, and documentation skills.
• Expertise in security testing, threat and vulnerability management tools and techniques.
• Deep knowledge of secure networking infrastructure, Firewall, IDS/IPS, WAF, Secure MTA, Load Balancer, Internet Proxy, and End-Point security.
• Working knowledge of security data analytics and incident handling.
• Working knowledge in ISO27001/2 or regulatory compliance standard.
More jobs from The Hong Kong Jockey Club
Data Engineer (Trading and Player Risk)
The Hong Kong Jockey Club
Software Engineer
Central and Western, Hong Kong
7 days ago
Full Time
Onsite
Technology, Information and Media
Senior Research and Market Intelligence Analyst
The Hong Kong Jockey Club
Data Science
Central and Western, Hong Kong
7 days ago
Full Time
Onsite
Technology, Information and Media
Technical Manager for Application Development
The Hong Kong Jockey Club
Software Engineer
Central and Western, Hong Kong
7 days ago
Full Time
Onsite
Technology, Information and Media
UX Design Manager
The Hong Kong Jockey Club
UX/UI Designer
Central and Western, Hong Kong
7 days ago
Full Time
Onsite
Technology, Information and Media
Deputy Executive Manager, IT Programme Management (Marketing, Digital Platform and Customer Service Design)
The Hong Kong Jockey Club
Digital Marketing
Central and Western, Hong Kong
7 days ago
Full Time
Onsite
Technology, Information and Media
Senior UX Design Lead
The Hong Kong Jockey Club
UX/UI Designer
Central and Western, Hong Kong
7 days ago
Full Time
Onsite
Technology, Information and Media
More jobs like this
Senior Technical Manager, Cyber Risk Mitigation and Controls Implementation
The Hong Kong Jockey Club
Central and Western, Hong Kong
Manager, Cybersecurity
Haitong International Management Services Company Limited
Central and Western, Hong Kong
Senior / Technology Risk Manager (Cyber Security Control Division)
Bank of China (Hong Kong) Limited
Central and Western, Hong Kong
🎉 Got an interview?