Contract Security Analyst

Multiple openings around IT Security Space. Click "Apply" if you are interested in any of the below roles.

Responsibilities:

IT Security Governance Analyst

• Support the IT Security Governance team in strengthening oversight of technology and cybersecurity risks to facilitate rapid Fintech initiatives.
• Participate in developing security standards and guidelines for emerging technologies and IT solutions.
• Assist in monitoring and reporting Key Risk Indicators (KRIs) to identify potential security vulnerabilities.
• Review technology deviations, assess third-party risks, and assist in independent assessments for critical IT projects.
• Oversee remediation actions for audits and regulatory reviews, ensuring effective implementation of cybersecurity initiatives and security monitoring.

Cyber threst intelligence specialist

• Serve as the specialist for cyber intelligence, providing stakeholders with timely updates on the threat landscape and enhancing their situational awareness of cyber risks.
• Liaise with global and local industry peers and government cybersecurity organizations (e.g., HKCERT) to share intelligence and best practices.
• Lead the Cyber Intelligence Team in leveraging intelligence sources and tools to produce sector-specific, actionable threat and vulnerability insights.
• Coordinate cyber intelligence resources, including tools and human sources, while advising IT and Operational Technology staff on emerging threats.
• Develop cyber threat profiles and analyze attacker tactics to inform Group Security and senior management, aiding in risk assessment and strategy adjustment.

IT Security Analyst

• Assist in planning, executing, and monitoring security tasks to ensure alignment with security objectives and compliance standards.
• Support the rollout and management of the Security program, integrating security measures into all relevant processes.
• Facilitate effective communication and collaboration with consultants, IT, and development teams on security initiatives and project deliverables.
• Maintain up-to-date documentation of project progress and security policies, and prepare regular reports on security metrics and compliance for stakeholders.
• Help identify security risks and vulnerabilities, develop mitigation strategies, and contribute to security training and awareness programs to foster a security-conscious culture.

Requirements:

• Possess a bachelor's or master's degree in Computer Science, Information Technology, Cybersecurity, or a related field, along with relevant professional cybersecurity certifications (e.g., CISM, CISA, CISSP).
• Have a minimum of 2-3 years of experience in IT security or related audits, with familiarity in security frameworks, compliance standards, and a strong understanding of cyber threats and vulnerabilities.
• Demonstrate strong analytical thinking and problem-solving skills, along with a commitment to continuous improvement and effective resource management.
• Exhibit excellent communication and interpersonal skills, capable of collaborating with diverse teams and articulating complex ideas clearly in both English and Chinese.
• Experience in project support within a security or IT environment, with proven organizational skills to manage multiple tasks, and a preference for familiarity with Data Leakage Prevention, Privileged Access Management, and secure software development practices.