Role Introduction
Reports to: IT Security Operations Senior Analyst
Responsible to execute, monitoring all IT security operation works within the company, including threat hunting and incident response process.
Equips with strong analytic skills, this position act as front-line IT security operation role. Job rotation within IT security operation is expected.
Key Responsibilities
- Executing all IT security operations solutions administration and operations work.i.e. Endpoint security, Network Security, PAM solution, Cloud security monitoring, SaaS security solutions etc.
- Work on different IT security request review and approval.
- Maintain good hygiene on IT Security footprint within company IT network.
- Basic knowledge to perform threat hunting process to response emerging threat landscape.
- Work with different business unit and extended IT team to overcome various IT security challenge.
- Work with third-party vendors providing services to support incident response
- Collaborate with external security operation service, i.e. SOC, Manage Defence Model and offshore engineering service.
- Involve to perform Incident investigation and forensic work.
- Audit support functions including evidence collect and update, implement the suggested controls
- Work with others to assist the education of security events and implications, and develop documentation to support the incident response process.
Requirements
- 3 years relevant IT security experiences
- CISSP, CISM, CRISC, ISO 27001 lead auditor or relevant experience preferred.
- IT security incident investigation and relevant forensic knowledge
- Strong knowledge on compliance framework i.e. ISO 27001, PCIDSS
- Strong team development and coaching skills
- Self-motivation, willing to keep update to market standards and technology
- BA or BS degree in Information Technology, Computer Science, Computer Engineering, or Cyber Security or equivalent
Personal & Application Information
Cathay Pacific is an Equal Opportunities Employer. Personal data provided by job applicants will be used strictly in accordance with our personal data policy and for recruitment purposes only. Candidates not notified within eight weeks may consider their application unsuccessful. All related information will be kept in our file for up to 24 months. A copy of our Personal Information Collection Statement will be provided upon request by contacting our Data Protection Officer.