Information Security Analyst
Job Details
Full Job Description
• Reporting to the Information Security (IS) Manager, the
Information Security Analyst (ISA) will perform - i. vulnerability
scanning and automated code testing operations; ii. threat assessment
and patch management advisory operations; iii. IT-related security
incident containment and response; iv. management and implementation
of IS initiatives; and v. risk assessment of new IT systems or
enhancements.
• Work with business and IT stakeholders to schedule
and perform system and network vulnerability scanning, classify and
prioritise risks, and guide relevant stakeholders to ensure that
systems and services that are either developed in house or acquired
commercially are secured against known attack vectors and prevalent
threats.
• Perform threat assessment and patch management advisory
operations via analysis of open and commercial security intelligence
feeds, and ensure business and IT patch management teams comply with
defined Service Level Agreements (SLAs) for security patch
deployment.
• Perform web scanning and automated code testing of
in-house applications, and guide developers and IT colleagues on
coding best practices and mitigations prior to production release to
ensure that systems are resistant to known attack vectors, e.g. OWASP
Top 10, when deployed.
• Work closely with IT developers and
operations to respond to, mitigate and resolve IT-security related
incident, so that there is no or minimal business impact and
deficiencies that led to the incident are fixed.
• Work with
assigned Project Manager to drive small- to mid-size IS initiatives to
evaluate, acquire and deploy new IS technologies and capabilities, and
ensure initiatives get completed on time and budget.
• Perform
information security risk assessment and technical advisory for
assigned project areas to ensure compliance to HKJC IS policy,
standards and practices, as well as mitigation of all identified
risks.
• Work closely with IT development and architecture teams to
build up a culture of secure design and programming practices
throughout the entire system development lifecycle.
Job Requirements
#J-18808-LjbffrInformation Security Analyst
Classy Wheeler Limited
All Direct Job Ads are subject to WhatJobs Terms of Service. We allow users to flag postings that may be in violation of those terms. Job Ads may also be flagged by WhatJobs. However, no moderation system is perfect, and flagging a posting does not ensure that it will be removed.