The Department
The Cyber Security and Cloud Platforms Department is responsible for the protection of the Club’s information, information systems, network infrastructure and cloud platforms, as well as assurance over the resiliency and continuity of the Club’s IT infrastructure. The team is also responsible for establishing governance and formulating cyber security procedures and guidelines to ensure consistent Club-wide safeguards and conformance to regulations in Hong Kong and China. It works to protect the reputation and enhance the operational resiliency of The Hong Kong Jockey Club.
The Job
- Deliver advanced analysis and recommend remediation steps for cyber security events and related IT incidents.
- Create and update process documents to address contemporary gaps observed from new cyber scenarios.
- Lead investigations into security incidents to minimise the risks to an acceptable level.
- Perform root cause analysis and recommend necessary actions to be taken.
- Analyse business needs in the information security area, and recommend and give opinions on technical security implementations and solutions to several levels within the Club.
- Advise the security engineering team on detection gaps and any observed gaps in security control coverage.
- Support integration of security controls including SOAR, SIEM, Threat Intelligence Platform, DLP, UEBA, and Incident Management System.
- Coordinate the remediation of security issues during incidents.
- Align personal development plan with business objectives and embrace the transformation to move the team / department forward.
About You
- University degrees in Computer Science, Engineering or related discipline
- 5+ years of IT experience with at least 2 years in cyber security field
- Familiar with NIST “Computer Security Incident Handling Guide”
- Experience with SIEM or similar cyber incident and event management system
- Experience with OWASP Top 10 and DDoS attack techniques and protection
- Experience with offensive and defensive security operations
- Experience with one or more public cloud security products
- Experience in writing playbooks to leverage different technologies, within a metric cooperation environment
- Experience with CIS Controls, Vulnerability Scanner, EDR, IPS / IDS, WAF, Security Email Gateway, Security Web Proxy etc.
- Managed SIEM end-to-end, including contemporary threat hunting, and full-stack security log on-boarding process
- Able to manage execution of action plans for ensuring the safety and security of all information system assets
- Preferable past working experience with HKMA on C-RAF 2.0, and iCAST
- Knowledge of a broad range of cyber security topics e.g., governance, identity and access management, supply chain risks, security operations, incident management etc.
- Understanding of network security zones, firewall, IPS / IDS
- Knowledge of cloud services platform such as Amazon Web Service, Azure, and Google Cloud
- Experience on vulnerability assessme
Terms of Employment
The level of appointment will be commensurate with qualifications and experience.