Information Security Analyst

Hong Kong, Hong Kong
Last update 2024-03-05
Expires 2024-04-05
ID #2016677317
Information Security Analyst
Hong Kong, Hong Kong,
Modified February 3, 2024


• Reporting to the Information Security (IS) Manager, the Information Security Analyst (ISA) will perform - i. vulnerability scanning and automated code testing operations; ii. threat assessment and patch management advisory operations; iii. IT-related security incident containment and response; iv. management and implementation of IS initiatives; and v. risk assessment of new IT systems or enhancements.• Work with business and IT stakeholders to schedule and perform system and network vulnerability scanning, classify and prioritise risks, and guide relevant stakeholders to ensure that systems and services that are either developed in house or acquired commercially are secured against known attack vectors and prevalent threats.• Perform threat assessment and patch management advisory operations via analysis of open and commercial security intelligence feeds, and ensure business and IT patch management teams comply with defined Service Level Agreements (SLAs) for security patch deployment.• Perform web scanning and automated code testing of in-house applications, and guide developers and IT colleagues on coding best practices and mitigations prior to production release to ensure that systems are resistant to known attack vectors, e.g. OWASP Top 10, when deployed.• Work closely with IT developers and operations to respond to, mitigate and resolve IT-security related incident, so that there is no or minimal business impact and deficiencies that led to the incident are fixed.• Work with assigned Project Manager to drive small- to mid-size IS initiatives to evaluate, acquire and deploy new IS technologies and capabilities, and ensure initiatives get completed on time and budget.• Perform information security risk assessment and technical advisory for assigned project areas to ensure compliance to HKJC IS policy, standards and practices, as well as mitigation of all identified risks.• Work closely with IT development and architecture teams to build up a culture of secure design and programming practices throughout the entire system development lifecycle. Job Requirements

Job details:

Job type: Full time
Contract type: Permanent
Salary type: Monthly
Occupation: Information security analyst

⇐ Previous job

Next job ⇒     


Contact employer

    Quick search:


    Type city or region