Your new role

• Support the execution of CSIRT capability framework for the Group, including but not limited to governance structure, detection and response capability, security technology tools, threat intelligence workflows and process development
• Review and improve Cyber Defence response capabilities, Managed EDR service capabilities and Managed SOC service capabilities for operating companies, to deliver timely alert, analyse, and respond to cyber threats
• Assist the development of cybersecurity incidents response policy and procedure, and provide incident support to significant information security events for the Group if any and when necessary
• Support incident triage and investigation, and handle incident response and post-mortem reporting
• Manage and develop EDR tools related best practices and advanced threat hunting technique, to increase visibility of cyber threat and ensure timely threat detection, and response capability and quality
• Develop and administer Cyber Defence tools, and security operation related processes and applications in operating companies, to ensure effective compliance of Cyber Defence policies and processes
• Prepare threat intelligence analysis and respective intelligence communications and recommendations, to mitigate cyber threats to security systems and applications
• Provide management an oversight for cyber threat identification, triage, and response of events or incidents which could lead to security breaches

What you'll need to succeed

• A Bachelor’s degree in Information Security Management, Computer Science, Computer Engineering, Network and Telecommunication, or Information Systems Management
• A minimum of 5 years’ cybersecurity working experience, with at least 2 years in cyber defence or security operations
• Professional certifications such as CISSP, OSCP, CCNP, CHFI, GCIH, is preferred
• Proven track record in security operation processes e.g. security patch management process, PAM, and OS lifecycle management process etc.
• Sound knowledge and experience in SIEM, threat intelligence platforms, Cloud platforms, EDR, MDR, Cyber threats and exploitation methods, IOC, and infrastructure security
• Excellent communication skills in both written and spoken English and Chinese. Fluent Putonghua is desirable

What you need to do now
If you're interested in this role, click 'apply now' to forward an up-to-date copy of your CV to conrad.chang@hays.com.hk, or call us now by +852-2230-7914.
If this job isn't quite right for you but you are looking for a new position, please contact us for a confidential discussion on your career.