Security Operations Analyst (3 years contract)
Cathay Pacific Airways Ltd
- Company Industries:Others
Job Information
- Post Date:2016-12-22
- Career Level:Middle
- Location:Not Specified
- Salary:Salary provided
- Employment Type:Contract, Full Time
- Job Function:Others
- Benefits:Five-day work week
Job Description
Department: Information Management
Reports to: Security Operations Lead
Join our IT Infrastructure and Operations, Security Team and help analyze Corporate Information Security environment, recommend security measures to safeguard Cathay Pacific’s valuable IT assets.
Key Responsibilities:
- Work with business units to provide an advisory role, achieve security requirements by enforcing security control policies as planned
- Report to senior management concerning residual risk, vulnerabilities and other security exposures, including misuse of information assets and noncompliance
- Assist in development of security architecture, policies, principles and standards
- Resolve negative audit findings reported by internal and external audits
- Validate and enforcing baseline security configurations for operating systems, applications, networking and telecommunications equipment
- Monitor compliance reviews and carry out assessments; follow up on deficiencies identified and ensure remediation steps have been taken
- Provide subject matter expertise on a variety of security initiatives, including but not limit to access entitlements, data privacy, key management and encryption
- Research, evaluate and propose security enhancements to maintain or surpass industry standards
- Review, design and re-engineer security operational processes with current and new technologies to improve security controls and business performance
- Govern the security requirement is fulfilled along with Change/Project management process in order to comply with operational standards/guidelines
Requirements:
- Bachelors degree in Computer Science or related field
- Minimum 6 years’ solid working experience in the IT industry, with at least 2 years in security role
- Experience with common information security management frameworks, such as ISO 27001, CobiT, ITIL
- Proficiency in performing risk, business impact, control and vulnerability assessments
- Strong problem solving and analytical skills
- Certification in Information Security disciplines such as CCSK, CISM, CISA or CISSP preferred
- Working experience including one or more of PKI, digital signatures, SSL, VPN IPSec, LDAP, encryption, web proxy, DLP and Single Sign-On approaches
- Sound understanding of the Software Development Life Cycle, with a focus on IT security
- Good experience of IT security services integration, including authentication, entitlements, encryption and audit capabilities as part of overall system designs
- Solid experience on database activity monitoring solutions and database security/auditing solutions
- Experience with database administration, mission critical system and OLTP applications, preferred skills include: Demonstrated understanding of internet protocols, network architecture and appliances, along with knowledge of network security technologies
- OLTP (Online Transaction Processing)
- OLAP (Online Analytical Processing)
- Administration of Relational Databases
- Oracle, Java, and/or SQL experience
- Demonstrated understanding of well-known web/Internet attack types, such as cross-site scripting, SQL injection, buffer overflows and format string bugs…etc.
- Good project management, lateral thinking and planning skills
- Experience in IT along with strong technical marketing background
- Sound interpersonal. Strong verbal, written, negotiation/presentation skills in communication with business units and senior management
Application Deadline: 30 Nov 2016
Company Info
Position | Company | Location | Update |
---|