Information Security Engineer – Associate Security Services IT

Hong Kong Exchanges And Clearing

Job Location:

Shenzhen - China

Monthly Salary: Not Disclosed

Posted on: 30+ days ago

Vacancies: 1 Vacancy

Job Summary

Location:

CN-Shenzhen-HyQ

Shift:

Scheduled Weekly Hours:

Worker Type:

Permanent

Job Summary:

Job Duties:

Company Introduction:

Were home to Asias most dynamic and vibrant capital markets.
Connecting capital ideas inspiration and innovation for deeper more diverse and liquid global capital markets; providing greater choice and opportunity for our customers each and every day.

HKEX is a purpose-driven company. Our commitment to the long-term development of our business and our markets is articulated in our purpose: ToConnectPromoteandProgressour Markets and the Communities they support for the prosperity of all.

Job Summary:

The Information Security Engineer is part of the Information Security function playing a key role in enhancing the organization security posture. The incumbent is responsible for designing building operating and evolving enterprise IT security solutions to meet the organizations security requirements while engaging key stakeholders to deliver key security services.

Job Duties:

Job Responsibilities:

Engineer implement and monitor security measures for the protection of computer systems networks and information.
Configure and troubleshoot security infrastructure to ensure optimal performance and alignment with security policies.
Maintain all solution design documentation processes procedures and report on metrics to demonstrate effective and efficient management of services.
Support security tool enhancements and policy governance including tasks such as reviewing and updating application control policies managing user access profiles and performing regular recertification of access rights. Tools involved may include application whitelisting platforms and Endpoint Detection & Response (EDR) solutions.
Deliver and maintain core security services such as integrating systems with Identity and Access Management (IAM) platforms (e.g. Privileged Identity Management and Identity Governance & Administration) maintaining system account inventories and coordinating periodic access reviews and recertification campaigns.
Ensure security tools are properly configured and maintained to support the detection of and response to cyber security threats (e.g. tuning alert rules updating threat signatures and integrating tools with incident response workflows).
Conduct and document disaster recovery testing for security tools.
Ensure smooth daily operations of account management processes including reviewing system account requests for accuracy identifying and resolving automation issues and driving process improvements through automation and workflow optimization.
Manage relationship with product vendors and suppliers to ensure timely maintenance updates and enhancements of security tools and solutions.

Job Requirements:

Must have a relevant University degree in Computer Science Information Management or related field or equivalent experience.
Proven work experience as a System Security Engineer or Information Security Engineer.
Experience in building maintaining and operating security systems and platforms.
Hands on experience in EndPoint security (e.g. app control EDR) and IAM (e.g. PIM IGA) tools and related workflows.
Understanding of the latest security principles techniques and protocols (such as zero trust etc).
Ability to work collaboratively in cross-functional teams and communicate effectively with technical and non-technical stakeholders.
Good presentation project planning and documentation skills.
Problem solving skills and ability to work under pressure.
Familiarity with web technologies (e.g. web applications web Services service-oriented architectures) and network/web protocols.
Knowledge with application database and operating system and cloud security (AWS or Huawei Cloud Stack) is an asset.
Experience with scripting (e.g. Python) or automation tools (e.g. Ansible) is preferred.
Understanding of risk / control frameworks such as Mitre ATT&CK D3FEND OWASP or NIST Cybersecurity Framework will be added advantage.
Professional certifications such as CISSP CISM CEH GIAC (e.g. GSEC GCIA GPEN) or AWS Certified Security will be added advantage .

Company Introduction:

ITD SZ

港交所科技深圳有限公司是2016年12月28日于深圳市前海自贸区成立的外商独资企业

作为港交所的技术子公司港交所科技深圳有限公司主要是为集团及其附属公司提供计算机软件计算机硬件信息系统云存储云计算物联网和计算机网络的开发技术服务技术咨询技术转让经济信息咨询企业管理咨询商务信息咨询商业信息咨询信息系统设计集成运行维护数据库管理大数据分析以承接服务外包方式提供系统应用管理和维护信息技术支持管理数据处理等信息技术和业务流程外包服务

Required Experience:

Location:CN-Shenzhen-HyQShift:Scheduled Weekly Hours:40Worker Type:PermanentJob Summary:Job Duties:Company Introduction:Were home to Asias most dynamic and vibrant capital markets.Connecting capital ideas inspiration and innovation for deeper more diverse and liquid global capital markets; providing...

Location:

CN-Shenzhen-HyQ

Shift:

Scheduled Weekly Hours:

Worker Type:

Permanent

Job Summary:

Job Duties:

Company Introduction:

Job Summary:

Job Duties:

Job Responsibilities:

Engineer implement and monitor security measures for the protection of computer systems networks and information.
Configure and troubleshoot security infrastructure to ensure optimal performance and alignment with security policies.
Maintain all solution design documentation processes procedures and report on metrics to demonstrate effective and efficient management of services.
Support security tool enhancements and policy governance including tasks such as reviewing and updating application control policies managing user access profiles and performing regular recertification of access rights. Tools involved may include application whitelisting platforms and Endpoint Detection & Response (EDR) solutions.
Deliver and maintain core security services such as integrating systems with Identity and Access Management (IAM) platforms (e.g. Privileged Identity Management and Identity Governance & Administration) maintaining system account inventories and coordinating periodic access reviews and recertification campaigns.
Ensure security tools are properly configured and maintained to support the detection of and response to cyber security threats (e.g. tuning alert rules updating threat signatures and integrating tools with incident response workflows).
Conduct and document disaster recovery testing for security tools.
Ensure smooth daily operations of account management processes including reviewing system account requests for accuracy identifying and resolving automation issues and driving process improvements through automation and workflow optimization.
Manage relationship with product vendors and suppliers to ensure timely maintenance updates and enhancements of security tools and solutions.

Job Requirements:

Must have a relevant University degree in Computer Science Information Management or related field or equivalent experience.
Proven work experience as a System Security Engineer or Information Security Engineer.
Experience in building maintaining and operating security systems and platforms.
Hands on experience in EndPoint security (e.g. app control EDR) and IAM (e.g. PIM IGA) tools and related workflows.
Understanding of the latest security principles techniques and protocols (such as zero trust etc).
Ability to work collaboratively in cross-functional teams and communicate effectively with technical and non-technical stakeholders.
Good presentation project planning and documentation skills.
Problem solving skills and ability to work under pressure.
Familiarity with web technologies (e.g. web applications web Services service-oriented architectures) and network/web protocols.
Knowledge with application database and operating system and cloud security (AWS or Huawei Cloud Stack) is an asset.
Experience with scripting (e.g. Python) or automation tools (e.g. Ansible) is preferred.
Understanding of risk / control frameworks such as Mitre ATT&CK D3FEND OWASP or NIST Cybersecurity Framework will be added advantage.
Professional certifications such as CISSP CISM CEH GIAC (e.g. GSEC GCIA GPEN) or AWS Certified Security will be added advantage .