ITD10179: AVP, IT Security and Network
Key Responsibilities
· Work in the IT Infrastructure
team of IT department
· Design and implement infrastructure and information security projects
including APT solution, SIEM, security training, vulnerability and patch
management, privilege account management, NAC, UEBA, WAF, NG firewall, IPS,
DLP, secured web proxy, DR site, anti-virus and anti-malware, VPN…etc. and
administer, maintain and support the above platforms and solutions upon
completion of implementation
· Lead and provide support to internal and external infrastructure requests and
incidents. Proactively follow through the entire handling and support processes
· Establish and enrich IT infrastructure and security policies, standards,
procedures and guidelines with up-to-date industry standard. Review and
identify IT infrastructure and security risk and recommend improvement
resolution
· Design, develop and enrich infrastructure contingency plan. Lead and execute
the relevant drills as according to the plan regularly
· Plan, coordinate and conduct IT audit, regular risk assessments and test
solely or with external parties. Proactively follow-up the result and
recommendation to advise proper resolutions
· Plan, coordinate and conduct regular employee infrastructure and security
training
· Research on new information technology and perform product evaluation with
vendors
· Provide day-to-day maintenance and support on general infrastructure areas as
well
Requirements
· Bachelor degree in Information Technology, Computer Science or related disciplines
· Minimum 5 years practical experience in IT infrastructure areas
· Candidates with IT security experience such as in-house IT security officer, SOC analyst/operator or IT security consultant companies with be an added advantage
· IT security certification holder such as CISSP or equivalent is an added advantage
· Hand on experience in IT infrastructure project management and IT security assessment is preferable
· Working experience in FSI sector is an added advantage
· Sound knowledge of Splunk Enterprise Security is an added advantage
· Knowledge in the IT security industrial standard such as ISO27001 is an advantage
· Knowledge of Information Security best practices, such as PCIDSS or Secure SDLC is an advantage
· Exposure to different IT security vendor products
· Proficient level of familiarity with infrastructure administration e.g. firewall, IPS, VPN, APT protection, anti-virus and malware, Windows and Linux, Splunk, VMWare, SAN …etc.
· Experience in using issue tracking systems is added advantage
· Required to work overtime for non-office hour deployment or support
· Good analytical mind, problem solving and communication skills
· Team player, responsible, independent, self-starter, motivated, multitasking and able to take initiative to get projects completed
· Good command of written and spoken English and Chinese with fluency in Mandarin; knowledge of Simplified Chinese a plus