Principal Security Specialist - IT (Security Operation Centre) (12-Month Contract)
- Manage and implement IT security-related projects
- Work with vendors for the implementation of new security products and technologies for HKEX
- Regular review of threat alerts from multiple threat intelligence feeds
- Support red-team (attack simulation) and blue-team (fine tuning of detection and protection policies) exercises
- Threat hunting based on defined threat model for the company and attack scenarios
- Feed threat intelligence into SOC operation to speed up incident identification, response and investigation
- Perform patch assessment for major OS platforms and technologies
- Provide advisory for CIS benchmark adoption and review exceptions
- Coordinate DDoS stress test/penetration tests and follow up test findings
- Higher diploma or university degree in computer science or related disciplines
- At least 8 years of relevant experience in IT, preferably in information security.
- Experience in using Threat Intelligence Platform (TIP) to review and analyze cybersecurity threats
- Experience in vulnerability assessment and system hardening
- Good knowledge and experience with security monitoring, automation products and forensic tools such as SIEM, UBA, EDR and SOAR
- Good knowledge and experience with security infrastructure products (e.g. PIM, Firewall, IPS, DLP, APT and WAF) and web technologies (e.g. HTTP and .Net)
- Good knowledge and experience with vulnerability and compliance management products (e.g. Acunetix, Fortify SCA, Qualys, Tenable and RAPID7)
- Able to analyze cybersecurity threats that may impact the company, including the information from security news, threat reports, threat intelligence feeds, social media etc.
- Able to search through security events to spot internal and insider threats
- Able to identify gaps/weaknesses in SOC monitoring capability by mapping detection rules to attack kill chain tactics and techniques, i.e. the MITRE ATT&CK framework.
- Able to perform malware analysis and use a sandbox for detailed investigation
- Holding a valid CISSP, CCNP, CEH and/or MCSE certification is an advantage
- Self-motivated and able to work under pressure
- Good communication skills
- Willing to work outside office hours
Applicants who do not hear from us within 6 weeks may consider their applications unsuccessful. Personal data provided will only be used for the purpose of employment application to HKEX.