Principal Security Specialists - Security Operations - Information Security - AVP
- Manage security-related incidents from notification through escalation, containment, eradication and recovery.
- Security incident analysis and forensic investigation.
- Respond to emergency and non-emergency calls from internal users.
- Develop and maintain security operations procedures and guidelines.
- Develop and automate the security incident response process.
- Maintain security detection rules and corresponding response playbooks.
- Security operations management metric reporting.
- Plan and organize cyber security drills.
- Optimize security monitoring tools and/or implement new tools for continuous operations and enhancement.
- University degree in computer science or related disciplines.
- Experienced in security incident detection, incident response, malware analysis and forensic investigation.
- In-depth knowledge and experience in the use of SIEM. ArcSight experience is preferred.
- Holder of valid security-related certifications (CISSP/CEH/CSA) is an added advantage.
- At least 8 years of relevant experience in IT, preferably in information security or security operation center environment.
- Knowledge and experience in streamlining and automating the incident response process.
- Familiar with security technologies (such as SIEM, SOAR, UEBA, DLP, Antivirus, EDR, WAF, IPS/IDS, Anti-DDoS Services, PIM, Honeypot, Forensic Tools and Vulnerability Scanners).
- Familiar with Windows / Linux OS and TCP/IP networking protocols.
- Familiar with cloud and emerging technologies (e.g. containers, APIs).
- Confident, self-motivated and able to work under pressure.
- Organized and able to develop clear procedures and guidelines.
- On-call support and working outside office hours are required.
- Good inter-personal communication skills.
- Fluent in English and Cantonese.
Applicants who do not hear from us within 6 weeks may consider their applications unsuccessful. Personal data provided will only be used for the purpose of employment application to HKEX.