Now hiring

Analyst, IT Security Engineering, IT @ Citicclsa

Hong KongOnsiteFull-timePosted 14 days ago

Opens on the employer's site

About this role

Position Description We are looking for an IT Security Analyst who is proactive, self-motivate, willing- to-do attitude to be part of an international IT Security team to engineer and support security solutions. As a team member in IT security team, you will be a contributor to the company’s IT and Cyber security strategy and operations. You and your team will be managing a portfolio of IT security tools in identity access management, network intrusion detection system, endpoint protection, email security, data leakage protection, application security, and other information security controls.

Key Areas of Responsibilities

• Conduct penetration testing, vulnerability scanning and code review on IT systems including but not limited to: Web, Network, Server, thick client applications, mobile applications, AI applications, Internet of Thing (IOT), to identify potential security risks and provide remediations.

• Review and perform security assessments on above IT systems’ architecture & design and on Software-As-A-Service (SaaS) such as Microsoft 365 application suite and other SaaS solutions.

• Cyber-attack simulation and red teaming

• Assist on Evaluating, Design, planning and implementing IT security solutions such as Web Application Firewall (Akamai, Cloudflare, AWS WAF, Azure WAF), Single Sign On (Microsoft Entra/Okta/Cisco Duo), Zero Trust Solution (Zscaler, Palo Alto Networks, Microsoft Entra Private Access), malware Sandboxing

• Assist on first and second level support for some of team’s existing security controls and tools, penetration test vulnerability scanning tools and other IT security tools

• Form an effective working relationship with the team’s key stakeholders - IT Security team members, IT teams and business teams.

• Be the subject matter expert for some of the IT Security tools.

• Design and deliver new strategic security initiatives with collaboration from business partners.

• Keen to learn on new technology evaluation and implementation: Public Key Infrastructure (PKI): Root Certificate Authority, Microsoft Cloud PKI, certificate, Microsoft Intune. Post Quantum Computing: Quantum Safe Hardware Secure Module(HSM), Key Management System(KMS), next generation IP Sec VPN AI Red Teaming

Requirements

• Bachelor Degree of above in IT, Computer Science

• 3-5 years related experience in cybersecurity, with knowledge in regulatories

• Industry Certifications (e.g. OSCP)

• Good understanding of security principles and technologies

• Experience on security services - Penetration testing, security risk assessment/technical review, vulnerability scanning and assessment

• Strong Knowledge and understanding on Public Cloud Cisco ASA, VPN and Network device Hypervisor and virtual machine Active Directory SIEM, Endpoint Detection & Response (EDR), Application Whitelisting, Data leakage and Malware AnalysisUp-to-date understanding of the latest threats, vulnerabilities, mitigation and industry best practices

• Experience in scripting and process automation

• Windows, Networking and Database fundamentals

• Knowledge on security products such as web filtering, anti DDoS, malware, anti-virus, DLP solutions

• Strong communication skills in English and Chinese, as well as project management skills

Stay informed on CITIC CLSA Job Opportunities Not the right fit? You can create a job alert to receive our latest job openings that meet your interest.

Ready to apply?

Install the ResuMinder extension and we'll auto-fill the application in seconds — no rewriting.

Get the extension →
See how your CV scores — free
Analyst, IT Security Engineering, IT at Citicclsa | ResuMinder Jobs