|Title:||Incident Response Lead, Information Security|
|Job Location:||Hong Kong|
|Salary:||contact recruiter for details|
|Employer Will Recruit From:||Nationwide|
A licensed virtual bank in Hong Kong
Reports to the Chief Information Security Officer
• Work with a team of cybersecurity enthusiasts.
• Hands-on experience with market-leading security solutions.
• Fast-moving fintech environment.
• Help drive and improve the Bank’s cyber incident response & security monitoring capabilities.
Anomalous activity and cyber incident detection
• Manage the anomalous activity detection process.
• Assess the monitoring needs and define the monitoring scope and approach.
• Work closely with the Security Operation Center to ensure that the monitoring processes are effective.
• Oversee and monitor the activities performed by the Security Operation Center.
• Monitor security events reported to ensure that all events are properly handled.
• Respond to security events escalated from the Security Operation Center and work with the relevant parties to investigate and respond when needed.
• Develop relevant information security metrics to monitor the bank’s information security posture and translate it into meaningful insights for the senior management.
Cyber incident response and management
• Manage security incidents and develop response plans and playbooks for various attacks and security events.
• Oversee and monitor security incidents to ensure that all incidents identified are managed according to the incident management procedure and response plans.
• Ensure escalation and reporting processes are in place and followed.
• Perform analysis to assess incident impact and determine whether the involvement of external investigators or forensic analysis is required to support incident investigation.
• Work with external investigators on forensic analysis during cyber and information security incidents.
• Drive the bank’s regular incident response drill exercises in responding to cyber and information security incidents.
Threat monitoring and analysis
• Monitor threat intelligence from various sources to discover emerging cyber threats affecting the bank and customers.
• Perform threat analysis and identify potential security controls or remediation and other security improvements in response to the threats.
• Perform threat hunting, leveraging available indicators of compromise, to identify potential threats that are lurking undetected.
• Share threat intelligence and collaborate with 3rd parties and industry peers.
• Manage the threat and vulnerability management program.
• At least 8 years of experience in information & cyber security from either the banking and finance industry or security consulting with primary focus on Incident Response or Intrusion Detection.
• Solid understanding of incident response, threat modeling and common attack vectors, adversary tactics, techniques & procedures, and the MITRE ATT&CK framework.
• Hands-on experience in: using Splunk Enterprise Security, analyzing security logs & network traffic, and identifying and investigating security incidents.
• Prior experience in malware analysis, virus exploitation and mitigation techniques, and digital forensics.
• Understanding of network, desktop and server technologies, network intrusion methods, network containment, segregation techniques, IDS and IPS.
• Degree holder majoring in Computer Science or a related field.
• Relevant certification in information security (e.g., CISSP, CISA or CISM).
University - Bachelor's Degree/3-4 Year Degree