Are you looking to make a meaningful impact in the cybersecurity field with a market-leading insurance company?
This candidate will manage cyber risk and ensure data protection while developing policies to meet regulatory compliance requirements. Additionally, the role involves conducting security awareness training programs to educate staff on best practices and potential threats.
Responsibilities:
- Security Surveillance: Continuously monitor network activity, analyze alerts from security tools, and identify anomalies.
- Incident Management: Investigate security events, conduct root cause analysis, and implement remediation strategies.
- Threat Intelligence: Research emerging threats and vulnerabilities; collaborate with stakeholders to deploy effective countermeasures.
- Compliance Audits: Conduct regular evaluations of IT systems and third parties to ensure adherence to policies.
- Policy Development: Assist in creating and enforcing security policies and procedures.
- Employee Training: Provide educational sessions on cybersecurity best practices and threat recognition.
- Collaborative Efforts: Partner with IT professionals to design and implement secure systems and applications.
- Record Keeping: Maintain comprehensive documentation of security incidents, investigations, and policies.
- Data Reporting: Compile and present reports on security incidents and overall cybersecurity posture for management review.
Candidate requirements:
- Bachelor's degree in Cybersecurity, Computer Science, Technology or a related field with a minimum 5 years of experience in cybersecurity position.
- Proficient in security technologies such as firewalls, WAF, EDR, PAM, vulnerability management.
- CISSP, CISA, or Microsoft Security Operations Analyst certified if preferred.
- Self-Motivated: Strong ownership and proactive attitude towards solving security challenges.
- Knowledge of the NIST Cybersecurity Framework is a plus.
- Proven track record in tackling complex security issues with strong problem-solving skills.
- Excellent verbal and written skills in Cantonese, English, and Mandarin to convey security information clearly to diverse audiences.
