Principal Security Specialist - IT (Security Operation Centre) (12-Month Contract)

Hong Kong Exchanges and Clearing Limited
in Hong Kong, Hong Kong, Hong Kong
Permanent, Full time
Competitive
Job responsibilities:
  • Manage and implement IT security related projects
  • Work with vendors for the implementation of new security products and technologies for HKEX
  • Regular review of threat alerts from multiple threat intelligence feeds
  • Support red-team (attack simulation) and blue-team (fine tuning of detection and protection policies) exercises
  • Threat hunting based on defined threat model for the company and attack scenarios
  • Feed threat intelligence into SOC operation to speed up incident identification, response and investigation
  • Perform patch assessment for major OS platforms and technologies
  • Provide advisory for CIS benchmark adoption and review exceptions
  • Coordinate DDoS stress test/penetration tests and follow up test findings
Job Requirements:
  • Higher diploma or university degree in computer science or related disciplines
  • At least 8 years of relevant experience in IT, preferably in information security
  • Experience in using a Threat Intelligence Platform (TIP) to review and analyze cybersecurity threats
  • Experience in vulnerability assessment and system hardening
  • Good knowledge and experience with security monitoring, automation products and forensic tools such as SIEM, UBA, EDR and SOAR
  • Good knowledge and experience with security infrastructure products (e.g. PIM, Firewall, IPS, DLP, APT and WAF) and web technologies (e.g. HTTP and .NET)
  • Good knowledge and experience with vulnerability and compliance management products (e.g. Acunetix, Fortify SCA, Qualys, Tenable and Rapid7)
  • Able to analyze cybersecurity threats that may impact the company, including the information from security news, threat reports, threat intelligence feeds, social media etc.
  • Able to search through security events to spot internal and insider threats
  • Able to identify gaps/weaknesses in SOC monitoring capability by mapping detection rules to attack kill chain tactics and techniques, i.e. the MITRE ATT&CK framework
  • Able to perform malware analysis and use a sandbox for detailed investigation
  • Holding a valid CISSP, CCNP, CEH and/or MCSE is an advantage
  • Self-motivated and able to work under pressure
  • Good communication skills
  • Willing to work outside office hours
Applicants who do not hear from us within 6 weeks may consider their applications unsuccessful. Personal data provided will only be used for the purpose of employment application to HKEX.