7 months ago
- Work with Asset Managment IT and and security team to develop, implement, and enhance company security capabilities, policies, processes, and programs
- Interface with the company technology risk, audit, and compliance to develop and execute security self-assessment and internal audit plans
- Daily security operational tasks including DLP, Anti-spam, anti-virus, end point security solutions, perimeter security solutions
- Manage the vulnerability management program, including scanning, analyzing, and tracking on the progress of the patching
- Manage the penetration test program
- Manage the application security program including static and dynamic code scan and tracking
- Handle the security incident analysis and respond
- Bachelor degree or above. (Information Technology or related is preferred but not required)
- Industry certifications (i.e. ISC2, ISACA, SAN), though are not essential, will help differentiate the candidates.
- At least 8+ years working experience in IT security operation
- Fluent in English and Mandarin
- Strong knowledge with security system/solution, like DLP, IPS/IDS, WAF, SIEM, etc.
- Strong knowledge in Vulnerability assessment and management
- Ability to multi-task and handle multiple projects.
- Ability to evaluate technical and functional specifications and identify possible threats or areas of weakness.
- Ability to review code of enterprise applications and identify possible security vulnerabilities.
- Establish and maintain relationships with key leaders in security and technology
- Understanding of OWASP Top 10 software vulnerabilities
- Perform vulnerability analysis activities, review vulnerability scan results
- Understanding of cyber exercises to include planning, execution and lessons learned generation.
- Prior background as a developer or infrastructure engineer is a plus