Information Security Engineer - Associate - Security Services - IT (hkex)

Job Description

Location:

Shift:

Scheduled Weekly Hours:

Worker Type:

Job Summary:

Job Duties:

Responsibilities 

• Engineer, implement and monitor security measures for the protection of computer systems, networks and information.
• Identify and define system security requirements.
View Orignal JOB on: italents.net
• Design computer security architecture and develop detailed cyber security designs. 
• Configure and troubleshoot security systems and infrastructure devices. 
• Develop technical solutions and new security tools to help mitigate security vulnerabilities and automate repeatable tasks. 
• Maintain all solution design documentation, processes, procedures and report on metrics to demonstrate effective and efficient management of services. 
• Work with handling security tool standard changes, such as Regular email template, access profile and data source update on Identify Governance & Administration (IGA) tool.
• Delivery security service on-boarding such as connecting systems to Privileged Access Management (PAM) and IGA platforms, maintaining System Account Listing (SAL) for automated reconciliation and annual account recertification campaign.  
• Work with product vendors and suppliers to maintain and enhance existing security tooling and products. 
• Ensure that the organization security tools can detect and help with the response to cyber security incidents. 
• Document and validate disaster recovery testing for CyberSecurity tools. 
• Write comprehensive reports including assessment-based findings, outcomes and propositions for further system security enhancements. 
• Support in managing the Total Cost of Ownership (TCO) for security solutions which includes new investments and business-as-usual financials. 
   

Requirements:

• Proven work experience as a System Security Engineer or Information Security Engineer. 
• Experience in building, maintaining and operating security systems and platforms. 
• Hands on experience in PAM, IGA, Identity & Access Management (IAM) security systems. 
• Experience with network security and networking technologies and with system, security, and network monitoring tools. 
• Thorough understanding of the latest security principles, techniques, and protocols (such as zero trust, etc). 
• Problem solving skills and ability to work under pressure. 
• Must have strong information security technology knowledge/concepts and can effectively communicate with senior management and a broad range of technical/non-technical audiences.  
• Strong written communication skills and verbal presentations to senior management.   
• Must have a relevant University degree in Computer Science, Information Management, or related field, or equivalent experience. 
• Good presentation, project planning and documentation skills. 
• Familiarity with web related technologies (Web applications, Web Services, Service Oriented Architectures) and of network/web related protocols. 
• Familiarity with application, database and operating system security. 
• Familiarity with cloud security technologies (AWS or Huawei Cloud Stack (HCS) is preferred). 
• Familiarity with risk / control frameworks, such as Mitre ATT&CK, D3FEND, OWASP, NIST Cybersecurity Framework. 
• Familiarity in scripting (Python) or automation (Ansible) is an advantage. 
• Familiarity with Identity and Lifecycle management is an advantage. 
• Previous experience in regulated environments is an added advantage. 

Company Introduction:

ITD SZ

港交所科技（深圳）有限公司，是2016年12月28日于深圳市前海自贸区成立的外商独资企业。

作为港交所的技术子公司，港交所科技（深圳）有限公司主要是为集团及其附属公司提供计算机软件、计算机硬件、信息系统、云存储、云计算、物联网和计算机网络的开发、技术服务、技术咨询、技术转让；经济信息咨询、企业管理咨询、商务信息咨询、商业信息咨询、信息系统设计、集成、运行维护；数据库管理、大数据分析；以承接服务外包方式提供系统应用管理和维护、信息技术支持管理、数据处理等信息技术和业务流程外包服务。