Tech Lead / Senior Analyst (Information Security)

The Hong Kong Jockey Club
Hong Kong
Permanent
155 days ago
About the job
Job descriptions
DEPARTMENT:

The Information Security Department of the Information Technology and Sustainability Division works to protect the reputation and enhance operational resiliency of the Hong Kong Jockey Club by ensuring the availability, integrity, and confidentiality of the Club\'s communications and network infrastructure, application systems and data.

JOB_DESCRIPTION:

You will:

- Work with assigned Project Manager and Technical Manager to drive small- to mid-size IS initiatives to evaluate, acquire and deploy new IS technologies and capabilities, and ensure initiatives get completed on time and budget.

- Participate in the process of selecting and reviewing of information security solutions.

- Support security solution design, deployment and necessary documentation in order to ensure compliance to the project development lifecycle, and getting endorsement from IT governance board and technical groups.

- Support Cyber Security Operations team to administer the Certificate Authorities (CA) and Hardware Security Modules (HSM) of a Public Key Infrastructure (PKI) and Key Management cycle of digital certificate generation, renewal and revocations.

- Support information security risk assessment and technical advisory for assigned project areas to ensure compliance to HKJC IS policy, standards and practices, as well as mitigation of all identified risks.

- Work closely with Cyber Security Operations to integrate current and emerging security control policies into security systems, and develop and support documentation and SOPs.

- Carry out proper configuration of security solutions applied in protecting company asset such that the implemented SIEM solution reports all pertinent events

- Participate in supporting cybersecurity solutions to effectively give notice of violations to affected parties, and to reduce incidences of false positives.

- Recommend and execute ideas to improve processes based on lessons learnt over time in performing assigned duties.

- Carry out other enterprise security and support duties that may be assigned by management.

ABOUT_YOU:

You should have:

- A university degree with strong technical background, particularly in Information Technology, Information Security, application security/development and/or networking.

- 3 to 5 years' experience working in technical IT roles, with at least 3 years' hands-on experience in enterprise security infrastructure, IS risk assessments or testing.

- A CISSP, GIAC, CEH or equivalent certification will be advantageous.

- Administrate PKI/ Digital Certificate operations.

- Experience in implementing cyber security and/or compliance systems relevant to Governance, Risk and Compliance platform, Data Lost Prevention, Threat Intelligence and/or Firewall Management.

- Experience in vendor engagement and delivering e-Learning awareness content and execute anti-phishing campaigns.

- Experience in secure network infrastructure, Anti-DDoS, NG Firewall, IDS/IPS, WAF, Secure MTA, Load Balancer, Internet Proxy, as well as DNS hosting.

- Strong understanding of networking protocols, operating systems and cyber security concepts and technologies.

- Promote security awareness and adoption of security standards and practices to staff members.

- Practical understanding of the application of a variety of security tools such as Crowdstrike, Forcepoint, Openpage, Palo Alto Networks, Prisma, Cortex XDR, Recorded Future Intelligence, WildFire, and/or etc.

- Able to administrate and mapping detection rules in Demisto, Splunk, ELK, Carbon Black, Darktrace, ALSID and/or Tufin.

- Good knowledge of PKI infrastructure and operations in digital certificate lifecycle and hands-on operations in certificate generation, renewal and revocation.

- Sound knowledge of incident response methodologies, security issues, vulnerabilities, exploits and security standards that may impact information security.

- Hands-on experiences to PC endpoint whitelisting, Web Isolation and/or MSS handling would be advantageous.

- Good working knowledge of Windows, Linux, OSX and mobile operating systems.

- Detail oriented and have a strong commitment to excellence.

- Able to master good communication skills including written, spoken and presentation skills.

- High collaboration to work in cross teams.

TERMS_OF_EMPLOYMENT:

The level of appointment will be commensurate with qualifications and experience. A contract employment will be offered to the successful candidate. Contract renewal will be subject to mutual agreement between the Club and the individual.

CLOSING_DATE:

Only shortlisted candidates will be notified.

We are an equal opportunity employer. Personal data provided by job applicants will be used strictly in accordance with the Club\'s notice to employees and prospective employees relating to the Personal Data (Privacy) Ordinance. A copy of which will be provided immediately upon request.
Skills required
Popular courses
SPEED READING FOR RESULTS
This course will teach you how to go from being an average reader, reading maybe a book a month, to becoming a reading master reading 100+ books per year. More than just improving your reading speed you will also learn how to transform your reading into actionable results.
How To Effectively Overcome ANY Sales Objection
You don’t HAVE to lose deals to objections. Overcoming objections is possible, if you know how. While most sales reps have been trained on basic objection handling, they don’t have the advanced skills they need to be master salespeople. In fact, it’s surprising how some of the most commonly used strategies on objections and closing can backfire. This course will go beyond the basic tips on how to deal with sales objections. I’ll share you with some powerful techniques that you can start using today to overcome the objections your prospects throw at you.
10 Steps to Follow to Get Your Products Into Stores
Are you a crafter or designer? Do you make jewelry, leather goods, soap, greeting cards or other product? This is a must watch video to learn the 10 Steps to Follow to Get Your Product Into Stores. Many people do not know where to begin and are full of questions. There is a lot of information out there - with some contradicting advice. I have been selling greeting cards in stores across the country as a solo entrepreneur. I am now sharing my secrets with you for getting your products into stores! It isn't as hard as you think. Just follow these 10 steps and you will be confidently on your way!
Explore all courses

At Vanna we believe you should enjoy what you do and where you work. We provide unique insights into the culture, values and environment of companies and their opportunities as well as expert career advice.

The newsletter that does the job

Relevant advice, informative tips, job offers, company profiles and more...

You can unsubscribe whenever you want. We won’t bother you, promise.