IT 安全管理与运营主管（深圳）

Responsible to execute, monitoring all IT security operation works within the company, including threat hunting and incident response process.

Equips with strong analytic skills, responsible for managing the performance and developing junior team members. This position must able to effectively communicate with all levels of staff within the organization; from different business units across the company to senior management. This position act as front-line IT security operation role. Job rotation within IT security operation is expected.

Key Responsibilities:

1、Provides management oversight to the IT security team

2、Executing all IT security operations solutions administration and operations works.i.e. Endpoint security, Network Security, PAM solution, Cloud security monitoring, SaaS security solutions etc.

3、Work on different IT security request review and approval.

4、Familiarity with security vulnerabilities, exploits, malware and digital forensics as they relate to Incident Response.

5、Maintain good hygiene on IT Security footprint within company IT network.

6、Act as IT security SME within IT security operation team to overcome technical challenges.

7、Capable to perform threat hunting process to response emerging threat landscape.

8、Work with different business unit and extended IT team to overcome various IT security challenge.

9、Manage the relationship with third-party vendors providing services to support incident response

10、Tightly collaborate with external security operation service, i.e. SOC, Manage Defence Model and offshore engineering service.

11、Audit support functions including evidence collect and update, implement the suggested controls

12、Competent to work at a high technical level of forensic and investigations in IT environments, capable of identifying vectors of threats and incidents.

13、Work with others to assist the education of security events and implications, and develop documentation to support the incident response process.

14、E&A Responsibility

Emergency and Accident and Crisis Response responsibilities as required

Qualifications/ Experience:

1、7 years relevant IT security experiences

2、CISSP, CISM, CRISC, ISO 27001 lead auditor or relevant experience is a must.

3、IT security incident investigation and relevant forensic knowledge

4、Strong knowledge on compliance framework i.e. ISO 27001, PCIDSS

5、Strong team development and coaching skills

6、Self-motivation, willing to keep update to market standards and technology