Cyber Security Director - Security Operations and Defence
Salary HKD1,500,000 - HKD2,600,000 per annum + good bonus
Location Hong Kong (full-time)
Consultant Fiona Fung
Date posted 11 September 2019
My reputable client is hiring a cyber security expert with a strong leadership background to lead their talented team.
About the responsibilities:
- Lead the security team to oversee security control design and implementation, and drive the organisation-wide cyber security defence strategy
- Ensure the security controls are embedded across the organisation and any control gaps are remediated
- Establish operational procedures and manage workforce plans for the security operations teams along with the Cyber Risk team, and continuously review the effectiveness of the controls to help develop a three-to-five-year roadmap
- Oversee day-to-day implementation of cyber security controls across the enterprise including the SOC
- Understand and assess the risks, threats and vulnerabilities confronting the organisation, and continuously align business and security resources behind these in a prioritised, risk-driven manner
- Execute a security operations plan and oversee the company's enterprise-wide cyber incident response, controls operations, offensive security testing, SOC, Security Information and Event Management (SIEM), Security Orchestration, Automation and Response (SOAR) tools, Threat Intelligence feeds and tools, Anomaly Detection, UEBA, and Cyber Analytics for proactive threat hunting
About the requirements:
- 12 years of cyber security experience working in cyber operational security structures, defining organisational security policies, procedures, standards and guidelines for best practice.
- Solid experience in security operations, including IAM, WAF, Firewalls, DDoS, IPS, EDR, AV, DLP, FIM, Anti-phishing, VM, DNS, SCM, eDiscovery, Cyber Analytics, Threat Intelligence, SIEM, UEBA, SOAR and forensics
- Experience leading a corporate or government security programme and applying the NIST framework
- Experience in network security architecture and design, Continuous Integration/Continuous Delivery (CI/CD), SecOps/DevOps pipeline establishment, SDN, virtualisation and auto-provisioning/auto-scaling
- Experience in the use of threat modelling, threat intelligence and attack frameworks (such as MITRE ATT&CK), intelligence informational protocols (STIX & TAXII, TTP, IOCs), dark net forums, TIP, OSINT and other platforms.
- Experience in presenting cyber and/or technology risk reporting, audit management and controls effectiveness to stakeholders