Job Details – Security Engineer
- Participate in Audits and help remediate the findings
- Report to senior management concerning residual risk, vulnerabilities and other security exposures, including misuse of information assets and noncompliance
- Work with IT and business units to provide an advisory role to achieve security requirements by enforcing security control policies as planned
- Maintain up-to-date understanding of the latest threats, vulnerabilities, mitigation and industry best practices
- Develop Security awareness material and conduct Security awareness training to Cathay Pacific employees
- Validate and enforce baseline security configurations for operating systems, applications, networking and telecommunications equipment
- Monitor compliance reviews and carry out assessments; follow up on deficiencies identified and ensure remediation steps have been taken
- Manage day-to-day tasks for: identity and access management, Anti-virus, password management, PKI, IPS, cloud security, SIEM, DLP etc.
- Process normal and exception-based security authorization requests
- May require to provide 24×7 on call assistance in responding to security incidents.
- Higher Diploma or above in Information Technology or other related disciplines
- At least 3 years in the IT industry, with at least 1 years’ experience in security
- Certification in information security disciplines such as CISM, CISA or CISSP is highly preferred
- Experience with common information security management frameworks, such as ISO 27001, CobiT, ITIL, PCI are preferred
- Experience with implementation of security technologies such as: DLP, SIEM, IPS, Anti-Virus, PKI, and cloud security are preferred
- Experience in managing and monitoring the performance of third-party vendors are preferred
- Experience working with security monitoring tools are preferred
- Experience managing recovery from an incident or major disasters are preferred