Saved
More jobs from this company >

Pacific Career devotes itself to the recruitment industry; we have a solid business foundation with a team of recruitment consultants who have good industry network and connections.

Pacific Career has successfully acquired IT Search in Jan, 2004. IT Search is well known in the IT recruitment market. IT Search is currently supplying IT candidates to big IT vendors, government and utilities organizations.

Pacific Career and IT search are committed to the Recruitment Industry focusing on non-IT and IT sector respectively. We aim to provide value added service by screening and selecting perfect match candidates for clients need.

Contact Information:

IT Search, a division of Pacific Career Ltd.: Room 1103, 11/F, Shanghai Industrial Investment Building, No. 48-62, Hennessy Road, Wan Chai, Hong Kong. General Line: (852) 3116 8433 Fax: (852) 3116 8438; web site: www.itsearch.com.hk

Pacific Career devotes itself to the recruitment industry; we have a solid business foundation with a team of recruitment consultants who have good industry network and connections. Pacific Career has successfully acquired IT Search in Jan, 2004. IT Search is well known in the IT recruitment market....

Pacific Career devotes itself to the recruitment industry; we have a solid business foundation with a team of recruitment consultants who have good industry network and connections.

Pacific Career has successfully acquired IT Search in Jan, 2004. IT Search is well known in the IT recruitment market. IT Search is currently supplying IT candidates to big IT vendors, government and utilities organizations.

Pacific Career and IT search are committed to the Recruitment Industry focusing on non-IT and IT sector respectively. We aim to provide value added service by screening and selecting perfect match candidates for clients need.

Contact Information:

IT Search, a division of Pacific Career Ltd.: Room 1103, 11/F, Shanghai Industrial Investment Building, No. 48-62, Hennessy Road, Wan Chai, Hong Kong. General Line: (852) 3116 8433 Fax: (852) 3116 8438; web site: www.itsearch.com.hk

Information Security Analyst (Application Security)

Job level Middle
Work exp Minimum 3 Years
Education Bachelor Degree
Location
Not Specified Unspecified
Employment type Full Time
Benefits 5-day week, Medical plan, Performance bonus
Industry Trading / Import & Export / Wholesale
Job function Digital / Web / Mobile > Webmaster / SEO
Information Technology > Network / System Admin
Information Technology > Security / Audit
Published On 20/01/2018 2018-01-20

DIVISION / DEPT

  • IT & Sustainability / Information Security

 

PURPOSE AND SCOPE OF ROLE

Reporting to the Information Security (IS) Manager, the Information Security Analyst (ISA) will perform

  • vulnerability scanning and automated code testing operations;
  • threat assessment and patch management advisory operations;
  • IT-related security incident containment and response;
  • management and implementation of IS initiatives; and
  • risk assessment of new IT systems or enhancements.

 

KEY ACCOUNTABILITIES

  • Work with business and IT stakeholders to schedule and perform system and network vulnerability scanning, classify and prioritise risks, and guide relevant stakeholders to ensure that systems and services that are either developed in-house or acquired commercially are secured against known attack vectors and prevalent threats.
  • Perform threat assessment and patch management advisory operations via analysis of open and commercial security intelligence feeds, and ensure business and IT patch management teams comply with defined Service Level Agreements (SLAs) for security patch deployment.
  • Perform web scanning and automated code testing of in-house applications, and guide developers and IT colleagues on coding best practices and mitigations prior to production release to ensure that systems are resistant to known attack vectors, e.g. OWASP Top 10, when deployed.
  • Work closely with IT developers and operations to respond to, mitigate and resolve IT-security related incident, so that there is no or minimal business impact and deficiencies that led to the incident are fixed.
  • Work with assigned Project Manager to drive small- to mid-size IS initiatives to evaluate, acquire and deploy new IS technologies and capabilities, and ensure initiatives get completed on time and budget.
  • Perform information security risk assessment and technical advisory for assigned project areas to ensure compliance to HKJC IS policy, standards and practices, as well as mitigation of all identified risks.
  • Work closely with IT development and architecture teams to build up a culture of secure design and programming practices throughout the entire system development lifecycle.

 

QUALIFICATIONS /EXPERIENCE

(min. requirements)

  • A university degree with strong technical background, particularly in web application development and/or networking
  • 3 to 8 years¡¦ experience working in technical IT roles, with at least 3 years¡¦ hands-on development experience working in a corporate environment with large-scale transaction websites and complex IT infrastructures and operations. Minimal 3 years¡¦ experience in technical IS risk assessments or testing; a CEH, GSEC or equivalent certification will be advantageous.
  • Working knowledge of Secure Development Lifecycle (SDLC) and AGILE methodologies; DevOps experience will be advantageous.
  • Excellent analytical skills and ability to create and present technical concepts and reports to senior IT management. Professional proficiency in Putonghua would be advantageous.

 

TECHNICAL SKILLS (min.)

  • Excellent programming experience in Java, .NET, Objective C, HTML5 and/or JavaScript. Experience with Perl, PHP, and Python would be desirable. In-depth experience of secure coding practices, source code review, and Internet threat vectors such as the OWASP top 10.
  • Good working knowledge of Windows, Linux, OSX and mobile operating systems.
  • Working knowledge of vulnerability testing tools and methodologies.

 

Interested parties please send your full CV (with your current and expected salary and notice period required) in MS Word format to IT Search - cv(at)itsearch(dot)com(dot)hk or youmay apply through this advertisement.

 Due to large number of application we received daily, we cannot personally contact every candidate. Only short-listed candidates will be contacted. Personal information submitted by job applicants will be used for recruitment purpose only.

You can check our other jobs from www.itsearch.com.hk