Assistant Technical Manager, Vulnerability Management at The Hong Kong Jockey Club

Job Overview

Company

The Hong Kong Jockey Club

Location

hong kong

Ready to Apply?

Take the Next Step in Your Career

Join The Hong Kong Jockey Club and advance your career in Operations Specialties Managers

Apply for This Position

Click the button above to apply on our website

Job Description

The Department

The Cyber Security and Cloud Platforms Department is responsible for the protection of the Club’s information, information systems, network infrastructure and cloud platforms, as well as assurance over the resiliency and continuity of the Club’s IT infrastructure.

The team is also responsible for establishing governance and formulating cyber security procedures and guidelines to ensure consistent Club-wide safeguards and conformance to regulations in Hong Kong and China.

It works to protect the reputation and enhance the operational resiliency of The Hong Kong Jockey Club.

The Job

Perform threat assessment and patch management advisory operations via analysis of open and commercial security intelligence feeds, and ensure business and IT patch management teams comply with defined Service Level Agreements (SLAs) for security patch deployment.

Work with IT infrastructure, network operations teams and other IT stakeholders to review and assess new set ups, changes, upgrades to the organisation’s network infrastructure and network components so to ensure any move and change will not introduce security risks to the organisation.

Perform vulnerability scanning across the Club’s technology landscape work with key stakeholders to identify, govern and mitigate identified vulnerabilities.

Work with assigned Project Manager to drive small- to mid-size IS initiatives to evaluate, acquire and deploy new IS technologies and capabilities, and ensure initiatives get completed on time and budget.

Work closely with business and IT stakeholders to schedule and perform system and network vulnerability scanning, classify and prioritise risks, and guide relevant stakeholders to ensure that systems and services that are either developed in-house or acquired commercially are secured against known attack vectors and prevalent threats.

Conduct the web scanning and automated code testing of in-house applications, and guide developers and IT colleagues on coding best practices and mitigations prior to production release to ensure that systems are resistant to known attack vectors, e.g. OWASP Top 10, when deployed.

Support the closure of key cyber security threats and vulnerabilities (e.g. zero-day vulnerabilities or during the Project Development Lifecycle).

Support the reviews and updates of applicable cyber defense policies, regulations, and compliance documents specifically related to Threat Vulnerability Management and Security Testing

Undertake other duties assigned by Cyber Security Management.

Participate, contribute and help shape a diverse and inclusive culture with trust and respect.

Play an active role to support cross team/division/department efforts and model collaborative behaviours.

About You

University Degree in computer science, engineering or related discipline

Minimum of 5 years practical experience in IT Security Operations, Network infrastructure in a corporate environment with large-scale transaction websites and complex IT infrastructures and operations

Cybersecurity certification such as GCIH, GSOC, CISSP, CISA, CISM, OSCP, MITRE ATT&CK Defender etc.

would be desirable

Experience in Threat and Vulnerability Management

Technical background, particularly in web application development, infrastructure & networking

Able to manage execution of action plans for ensuring the safety and security of all information system assets

Excellent inter-personal

Must demonstrate effective oral and written communication skills, with the ability to communicate technical topics to management and non-technical audiences

Must possess analytical, problem solving and documentation skills

Expertise in security testing, threat and vulnerability management tools and techniques, particularly around vulnerability scanning, patch management and penetration testing

In-depth experience of secure coding practices, source code review, and Internet threat vectors such as the OWASP top 10

Deep knowledge of secure networking infrastructure, Firewall, IDS/IPS, WAF, Secure MTA, Load Balancer, Internet Proxy as well as End-Point security

Working knowledge of security data analytics and incident handling

Working knowledge in ISO27001/2 or regulatory compliance standard

Terms of Employment

The level of appointment will be commensurate with qualifications and experience.

Closing Date

Only shortlisted candidates will be notified.

About The Hong Kong Jockey Club

Quick Access Links

Job Details:
https://hk.expertini.com/jobs/job/assistant-technical-manager-vulnerability-management-hong-kong-the-hong-kong-jockey-club-700d28b2f0f5/

Company Jobs:
More The Hong Kong Jockey Club Jobs

Location Jobs:
Jobs in hong kong

Category Jobs:
Operations Specialties Managers Jobs

Don't Miss This Opportunity!

The Hong Kong Jockey Club is actively hiring for this Assistant Technical Manager, Vulnerability Management position

Apply Now