Cybersecurity Manager
Headquarters | HKCMIX
Responsibility
Coordination and Stakeholder Interface
• Lead regular syncs with customer on security controls, reporting, and change impacts.
• Coordinate with internal network, firewall, identity, data center ops, and compliance teams to ensure delivery aligns with business and regulatory objectives.

Requirement Translation and Task Execution
• Convert customer policies/controls into ITOC SOPs, runbooks, detection rules, dashboards, and ticket workflows in SIEM/SOAR and ITSM.
• Define RACI, remediation SLAs, and MTTR targets; drive continuous improvement through metrics reviews.

Security Solutions and Technical Implementation
• Design, implement, and operationalize:
  • Next Gen Firewall and VPN segmentation, including SSL/IPsec, client cert-based auth, and microsegmentation baselines.
  • SIEM onboarding and content engineering: log ingestion, parsing, lookup enrichment via REST API, correlation rules, and dashboards for anomaly detection.
  • EDR/XDR operations and use-case lifecycle: policy tuning, detection engineering, and response playbooks.
  • Privileged Access Management: policy hardening, vault operations, and operator runbooks.
• Optimize controls for HPC: high-throughput telemetry ingestion, tenant isolation at network and identity layers, bastion/privileged session controls, image/baseline governance, and secure job sandboxes.

Escalation and Incident Response
• Own escalations beyond ITOC SOP: triage, containment, forensics handoff, root cause and corrective action (RCCA), and stakeholder communications.
• Lead tabletop and DR exercises; maintain IR playbooks integrated with SIEM, EDR, PAM, and firewall workflows.

Requirements
• Bachelor’s degree in Information Security/IT or related field.
• 3+ years of IT/security engineering and operations experience, including:
  • SIEM onboarding/content.
  • EDR/XDR operations.
  • NGFW/VPN configuration and policy management.
  • PAM implementation and operations, including DR configuration.
• Exposure to government/regulated environments and financial services security use cases is a plus.
• Solid grasp of risk management, incident response, vulnerability remediation workflows, and security architecture fundamentals.
• Ability to convert compliance/control requirements into actionable SOPs, dashboards, alerts, and ITSM processes; familiar with ITIL/ITSM.
• Comfortable with Agile/Waterfall delivery; tools such as Jira/Confluence/MS Project.
• Understanding of HPC/security considerations: network segmentation for high-throughput fabric, GPU/accelerator tenant isolation, secure remote access, and image baseline control.
• Certifications (aligned to CV; additional are a plus). Preferable additions: CISSP, CISM, PMP, ISO 27001 LA, CEH, CCSP, technology vendor certification.
• Clear communicator with both technical and non-technical stakeholders; capable trainer for frontline operators.
• Strong analytical and problem-solving skills; calm under pressure with sound incident decision-making.
• Proficient in English and Chinese; Cantonese advantageous.
• Project-driven with on-call/off-hours support for change windows and major incidents.
• Onsite presence at Supercomputing Center and China Mobile facilities as required.