Information Security Manager (SIEM, UBA,CASB)

Job Title: Information Security Manager (SIEM, UBA,CASB)
Contract Type: Permanent
Location: Central, Central and Western District
Salary: Negotiable
Reference: 43954_1591240962
Contact Name: Andrey Sin
Contact Email:
Job Published: June 04, 2020 11:22

Job Description


  • Be the Group Information Security champion to direct the design, implementation and governance of information security standard, security policy & guidelines, best practices and systems
  • Research the latest information technology security trends and keep abreast of latest threat intelligence
  • Conduct and manage group security risk assessment and compliance check on regular basis
  • Be the point of contact to internal or external parties in all matters relating to information assurance and security
  • Support and coordinate the execution of external and internal IT audit
  • Own and manage the implementation and usage of security tools including end-point protection, security awareness, email protection, advanced threat protection, network security, mobile security, privileged account management, …, etc
  • Direct the installation and configuration of infrastructure equipment (e.g., firewalls, end points), to guard against cybersecurity attack and protect sensitive information
  • Be the overall responsible of the group security event detection and response function
  • Lead the security operations team, including managed SOC, to effectively monitor, detect and investigate security incidents/events on 7x24 basis
  • Coordinate closely with Infrastructure & Operations team to perform incident management on 7x24 basis
  • Own and manage the Cybersecurity Awareness Program to regularly organize employee security training and carry out phishing test
  • Recommend security enhancements to IT management
  • Perform vendor management for security vendors

The Successful Candidates:

  • University Degree in Computer Science or related disciplines
  • At least 10 years experience in Information Security and Infrastructure, preferably in InfoSec or Security Operation environment
  • Holder of security certificates (e.g. CISSP, CISM, CISA, CEH, ... etc.) is a must
  • Holder of ISO 27001:2013 certification is highly desirable
  • First-hand knowledge and proven experience with security monitoring, protection and automation products such as SIEM, UBA, PAM, CASB and SO Automation tools
  • Hands-on experience with security infrastructure (e.g. Privileges ID management, Endpoint security, Firewall, PIM, IPS, DLP, APT and WAF) and web technologies (e.g. HTTP and .Net)
  • Up-to-dated knowledge of technical security controls in a modern IT environment including private cloud, Microsoft Azure, Office 365 and Amazon Web Services
  • Proven experience in designing and implementing security standard, policy and guidelines
  • Experience of writing and introducing effective information security and compliance policies/guidelines
  • Proven track record of leading in-house security operations team to perform incident management for security incidents and events including lessons learned
  • Highly self-motivated and able to work under pressure
  • Strong vendor management skill
  • Good Interpersonal and Communication skills
  • Customer focused and influential, with a strong desire to drive results

Click "Apply Now" to apply for this position or call Andrey Sin at +852 3180 4951 for a confidential discussion. All information collected will be kept in strict confidence and will be used for recruitment purpose only.