工作描述
52 天前
The Department
The Cyber Security and Cloud Platforms Department is responsible for the protection of the Club's information, information systems, network infrastructure and cloud platforms, as well as assurance over the resiliency and continuity of the Club's IT infrastructure. The team is also responsible for establishing governance and formulating cyber security procedures and guidelines to ensure consistent Club-wide safeguards and conformance to regulations in Hong Kong and China. It works to protect the reputation and enhance the operational resiliency of The Hong Kong Jockey Club.
The Job
• Deliver advanced analysis and recommend remediation steps for cyber security events and related IT incidents.
• Create and update process document to address contemporary gaps observed from new cyber scenarios.
• Lead investigation on security incident to minimalize the risks to an acceptable level.
• Perform root cause analysis and recommend necessary actions to be taken.
• Analyse business needs in the information security area and recommend and give opinions on technical security implementations and solutions to several levels within the club.
• Advise security engineering team in detection gaps and any observation in security control gaps coverage.
• Support integration of security controls including SOAR, SIEM, Threat Intelligence Platform, DLP, UEBA, and Incident Management System.
• Coordinate the remediation of security issues during incidents.
• Align personal development plan with business objectives and embrace the transformation to move the team/department forward.
About You
• University degrees in Computer Science, Engineering or related discipline
• 5+ years of IT experience with at least 2 years in cyber security field
• Familiar with NIST "Computer Security Incident Handling Guide"
• Experience with SIEM or similar cyber incident and event management system
• Experience with OWSAP Top 10 and DDoS attack techniques and protection
• Experience with offensive and defensive security operations
• Experience with one or more public cloud security products
• Experience in writing playbooks to leverage different technologies, within a metric cooperation environment
• Experience with CIS Controls, Vulnerability Scanner, EDR, IPS/IDS, WAF, Security Email Gateway, Security Web Proxy etc.
• Managed SIEM end-to-end, including contemporary threat hunting, and full-stack security log on-boarding process
• Able to manage execution of action plans for ensuring the safety and security of all information system assets
• Preferable past working experience with HKMA on C-RAF 2.0, and iCAST 2.0
• Knowledge of a broad range of cyber security topics e.g., governance, identity and access management, supply chain risks, security operations, incident management etc.
• Understanding of network security zones, firewall, IPS/IDS
• Knowledge of cloud services platform such as Amazon Web Service, Azure, and Google Cloud
• Experience on vulnerability assessment
The Cyber Security and Cloud Platforms Department is responsible for the protection of the Club's information, information systems, network infrastructure and cloud platforms, as well as assurance over the resiliency and continuity of the Club's IT infrastructure. The team is also responsible for establishing governance and formulating cyber security procedures and guidelines to ensure consistent Club-wide safeguards and conformance to regulations in Hong Kong and China. It works to protect the reputation and enhance the operational resiliency of The Hong Kong Jockey Club.
The Job
• Deliver advanced analysis and recommend remediation steps for cyber security events and related IT incidents.
• Create and update process document to address contemporary gaps observed from new cyber scenarios.
• Lead investigation on security incident to minimalize the risks to an acceptable level.
• Perform root cause analysis and recommend necessary actions to be taken.
• Analyse business needs in the information security area and recommend and give opinions on technical security implementations and solutions to several levels within the club.
• Advise security engineering team in detection gaps and any observation in security control gaps coverage.
• Support integration of security controls including SOAR, SIEM, Threat Intelligence Platform, DLP, UEBA, and Incident Management System.
• Coordinate the remediation of security issues during incidents.
• Align personal development plan with business objectives and embrace the transformation to move the team/department forward.
About You
• University degrees in Computer Science, Engineering or related discipline
• 5+ years of IT experience with at least 2 years in cyber security field
• Familiar with NIST "Computer Security Incident Handling Guide"
• Experience with SIEM or similar cyber incident and event management system
• Experience with OWSAP Top 10 and DDoS attack techniques and protection
• Experience with offensive and defensive security operations
• Experience with one or more public cloud security products
• Experience in writing playbooks to leverage different technologies, within a metric cooperation environment
• Experience with CIS Controls, Vulnerability Scanner, EDR, IPS/IDS, WAF, Security Email Gateway, Security Web Proxy etc.
• Managed SIEM end-to-end, including contemporary threat hunting, and full-stack security log on-boarding process
• Able to manage execution of action plans for ensuring the safety and security of all information system assets
• Preferable past working experience with HKMA on C-RAF 2.0, and iCAST 2.0
• Knowledge of a broad range of cyber security topics e.g., governance, identity and access management, supply chain risks, security operations, incident management etc.
• Understanding of network security zones, firewall, IPS/IDS
• Knowledge of cloud services platform such as Amazon Web Service, Azure, and Google Cloud
• Experience on vulnerability assessment
Data Engineer (Trading and Player Risk)
The Hong Kong Jockey Club
软件工程师
中西区, 香港
7 天前
全职
办公室工作
技术、信息和媒体
Senior Research and Market Intelligence Analyst
The Hong Kong Jockey Club
数据科学
中西区, 香港
7 天前
全职
办公室工作
技术、信息和媒体
Technical Manager for Application Development
The Hong Kong Jockey Club
软件工程师
中西区, 香港
7 天前
全职
办公室工作
技术、信息和媒体
UX Design Manager
The Hong Kong Jockey Club
用户体验/界面设计师
中西区, 香港
7 天前
全职
办公室工作
技术、信息和媒体
Deputy Executive Manager, IT Programme Management (Marketing, Digital Platform and Customer Service Design)
The Hong Kong Jockey Club
数字营销
中西区, 香港
7 天前
全职
办公室工作
技术、信息和媒体
Senior UX Design Lead
The Hong Kong Jockey Club
用户体验/界面设计师
中西区, 香港
7 天前
全职
办公室工作
技术、信息和媒体
更多类似工作
Senior Technical Manager, Cyber Risk Mitigation and Controls Implementation
The Hong Kong Jockey Club
中西区, 香港
Technology Risk Manager (Cyber Security Control Division) | Hong Kong, HK
Bank of China (Hong Kong) Limited
中西区, 香港
Senior / Technology Risk Manager (Cyber Security Control Division)
Bank of China (Hong Kong) Limited
中西区, 香港
🎉 Got an interview?