Share this Job

Date: 08-Aug-2017

Department:  Information Technology

Report to: IT Risk and Security Manager

Key Responsibilities:

  • Participate in Audits and help remediate the findings
  • Report to senior management concerning residual risk, vulnerabilities and other security exposures, including misuse of information assets and noncompliance
  • Work with IT and business units to provide an advisory role to achieve security requirements by enforcing security control policies as planned
  • Maintain up-to-date understanding of the latest threats, vulnerabilities, mitigation and industry best practices
  • Develop Security awareness material and conduct Security awareness training to Cathay Pacific employees
  • Provide 24x7 on call assistance in responding to security incidents. This is roster based for up to 10 days per month
  • Validate and enforce baseline security configurations for operating systems, applications, networking and telecommunications equipment
  • Monitor compliance reviews and carry out assessments; follow up on deficiencies identified and ensure remediation steps have been taken
  • Manage day-to-day tasks for: identity and access management, Anti-virus, password management, PKI, IPS, cloud security, SIEM, DLP etc.
  • Process normal and exception-based security authorization requests

Requirements:

  • 5 years within the IT industry, with two years in a similar role
  • Tertiary education in relevant subjects
  • Certification in information security disciplines such as CISM, CISA or CISSP, highly preferred
  • Experience with common information security management frameworks, such as ISO 27001, CobiT, ITIL, PCI
  • Experience with implementation of security technologies such as: DLP, SIEM, IPS, Anti-Virus, PKI, and cloud security
  • Experience managing and monitoring the performance of third party vendors
  • In-depth experience working with security monitoring tools
  • In-depth experience managing recovery from an incident or major disasters

(the above experience and qualifications are preferred, but not madatory)

Application Deadline: 23 Aug 2017


Job Segment: Telecom, Telecommunications, Information Security, Technology

Apply now »