ITD10179: AVP, IT Security and Network

Key Responsibilities

· Work in the IT Infrastructure team of IT department
· Design and implement infrastructure and information security projects including APT solution, SIEM, security training, vulnerability and patch management, privilege account management, NAC, UEBA, WAF, NG firewall, IPS, DLP, secured web proxy, DR site, anti-virus and anti-malware, VPN…etc. and administer, maintain and support the above platforms and solutions upon completion of implementation
· Lead and provide support to internal and external infrastructure requests and incidents. Proactively follow through the entire handling and support processes
· Establish and enrich IT infrastructure and security policies, standards, procedures and guidelines with up-to-date industry standard. Review and identify IT infrastructure and security risk and recommend improvement resolution
· Design, develop and enrich infrastructure contingency plan. Lead and execute the relevant drills as according to the plan regularly
· Plan, coordinate and conduct IT audit, regular risk assessments and test solely or with external parties. Proactively follow-up the result and recommendation to advise proper resolutions
· Plan, coordinate and conduct regular employee infrastructure and security training
· Research on new information technology and perform product evaluation with vendors
· Provide day-to-day maintenance and support on general infrastructure areas as well

Requirements

· Bachelor degree in Information Technology, Computer Science or related disciplines

· Minimum 5 years practical experience in IT infrastructure areas

· Candidates with IT security experience such as in-house IT security officer, SOC analyst/operator or IT security consultant companies with be an added advantage

· IT security certification holder such as CISSP or equivalent is an added advantage

· Hand on experience in IT infrastructure project management and IT security assessment is preferable

· Working experience in FSI sector is an added advantage

· Sound knowledge of Splunk Enterprise Security is an added advantage

· Knowledge in the IT security industrial standard such as ISO27001 is an advantage

· Knowledge of Information Security best practices, such as PCIDSS or Secure SDLC is an advantage

· Exposure to different IT security vendor products

· Proficient level of familiarity with infrastructure administration e.g. firewall, IPS, VPN, APT protection, anti-virus and malware, Windows and Linux, Splunk, VMWare, SAN …etc.

· Experience in using issue tracking systems is added advantage

· Required to work overtime for non-office hour deployment or support

· Good analytical mind, problem solving and communication skills

· Team player, responsible, independent, self-starter, motivated, multitasking and able to take initiative to get projects completed

· Good command of written and spoken English and Chinese with fluency in Mandarin; knowledge of Simplified Chinese a plus