IT Security Engineer – Financial Services Industry

Highlights

Our client is a Hong Kong based Financial Institution with international and energetic working environment. You will be working hand-in-hand with employees across the company to ensure that security best practices are a standard part of the way company operates.

Responsibilities

Design, Analyze and Implement Security Tools

Analyze, install and configure security tools related to cloud and the SDLC

Assess, measure and monitor the ability to protect organizations’ sensitive information and unauthorized access prevention

Test and confirm security tools and their implementations

Discover, Prioritize and Resolve Vulnerabilities

Discover vulnerabilities using industry-standard programs and tools, evaluating the criticality of identified issues leading to prioritization

Resolve vulnerabilities using a risk-based approach and run confirmation testing

Develop Information Security Plans and Policies

Develop a set of security standards and best practices for the company and our clients, and recommend security enhancements to both.

Develop blue prints and run books to respond to and recover from security incidents.

Requirements

3+ years of experience with AWS security configurations (e.g. VPC, Security Groups, User / Role Entitlements, API Access Keys, etc.) and cloud security tools (e.g. monitoring, WAF, IDS/IPS, vulnerability management and firewalls)

Bachelor’s Degree in Computer Science or a related field

Working knowledge on IAM solution such as Okta, CyberArk

CIS benchmark implementation on OS, network and infrastructure would be added advantages

Experience with Application Security testing including static and dynamic testing tools and Vulnerability, dependency and container scanning, prioritize security issues applying a risk-based approach

Strong understanding of Web/Internet-based protocols (HTTPS, SSL/TLS, etc.)

Knowledge designing secure networks, systems, and application architectures

Knowledge of disaster recovery, data replication tools, technologies and methods

Knowledge planning and developing security policies, standards, and procedures

Excellent English communication skills

Interested parties please apply with the most updated CV with expected salary and available date via Email. Applicants who do not hear from us within 2 weeks may consider their applications unsuccessful.