(Senior ) Technical Manager (Information Security Incident Response) (IS - BAU)

The Hong Kong Jockey Club
Hong Kong
Permanent
115 days ago
About the job
Job descriptions
DEPARTMENT:

The Information Security Department of the Information Technology and Sustainability Division works to protect the reputation and enhance operational resiliency of the Hong Kong Jockey Club by ensuring the availability, integrity, and confidentiality of the Club\'s communications and network infrastructure, application systems and data.

JOB_DESCRIPTION:

You will:

- Deliver advanced analysis and recommend remediation steps for cyber security events and incidents.

- Updates process document to address contemporary gaps observed from new cyber scenarios.

- Lead investigations on security incidents to minimalize the risks to an acceptable level.

- Perform root cause analysis and recommend necessary actions to be taken.

- Support Senior Manager in analysing business needs in the information security area and recommend and give opinions on technical security implementations and solutions to several levels within the club.

- Advise IS security engineering team in detection gaps and any observation in security control gaps coverage to IS Operation team.

- Lead the team to coordinate with Data Centre OPS team, Betting Incident Management team.

- Manage and verify security-related alerts

- Manage the coordination on the remediation of security issues during incidents.

- Manage the incident response process.

- Participate and contribute positively to create a diverse and inclusive culture with trust and respect. Play an active role to support cross team/division/department efforts and model collaborative behaviours

ABOUT_YOU:

You should have:

- University degree qualification with strong technical background, particularly in Information Technology, cybersecurity, application development and/or networking.

- Familiar with NIST "Computer Security Incident Handling Guide".

- Worked with Incident management system and SIEM.

- Sound working knowledge of information technology and Security industry trends and issues.

- Experience with OWSAP top10 and DDOS attack techniques and protection.

- Experience with cybersecurity including offense and defence, and vulnerability protection.

- Experience with one or more public cloud security products.

- Experience with TCP/IP principles.

- Strong experience with Windows and Linux related to security.

- Able to communicate effectively with across each Lines of Business to champion and motivate for change to their respective security cultures.

- Able to manage execution of action plans for ensuring the safety and security of all information system assets.

- Knowledge of a broad range of cyber security topics e.g. governance, identity and access management, supply chain risks, security operations, incident management etc.

- Knowledge of AWS, Google Cloud.

- Ability to read and understand packet level data Intrusion detection and prevention and Network Security Products (IDS/IPS, firewalls, etc.) Host Security Products (HIPS, AV, scanners, etc.).

- Have experience on Vulnerability assessment as well as penetration testing or forensic analysis fields are an advantage.

TERMS_OF_EMPLOYMENT:

The level of appointment will be commensurate with qualifications and experience. A contract employment will be offered to the successful candidate. Contract renewal will be subject to mutual agreement between the Club and the individual.

CLOSING_DATE:

Only shortlisted candidates will be notified.

We are an equal opportunity employer. Personal data provided by job applicants will be used strictly in accordance with the Club\'s notice to employees and prospective employees relating to the Personal Data (Privacy) Ordinance. A copy of which will be provided immediately upon request.
Skills required
Popular courses
Understanding Marketing Basics For Businesses
The biggest problem with marketing today is that it’s overwhelming. So many different strategies, tactics, and tools to try – with everybody screaming that their way is the best way, if not the only way to get results. That’s why in this episode I’m going to help you cut through the clutter and focus on 10 key marketing basics and fundamental principles you must know to succeed with marketing today.
How To Get Clients With Cold Emails
This is a crash course in writing cold emails that will convert into leads. I've made this course as simple and to the point as possible. No fluff, no marketing buzzwords to bog you down. Just 100% pure unadulterated actionable information for you to start using ASAP.
How To Become Smarter A Step By Step Guide To Improving Your Intelligence
The point of our course is to be able to apply concepts in a practical manner. I want you to walk away from each video with real, actionable skills - not just dull theory. With that being said, it's time for a short assignment: the intelligence checklist. This will help you internalize and better understand how the concepts you've learned in the last half hour apply to the real world.
Explore all courses

At Vanna we believe you should enjoy what you do and where you work. We provide unique insights into the culture, values and environment of companies and their opportunities as well as expert career advice.

The newsletter that does the job

Relevant advice, informative tips, job offers, company profiles and more...

You can unsubscribe whenever you want. We won’t bother you, promise.