Job Purpose
1. Maintain country information security policy and standards;
2. Manage information security operations
3. Manage and deploy cybersecurity project
4. Ensure regional alignment (people, process, documentation and technology)
5. Ensure local regulatory compliance

Job Duties & Responsibilities
1. Responsible and maintain relevant process and procedure, focus on network security / access control / system vulnerability assessment.
2. Responsible for relevant security platform monitoring ( ie. Security log review / NAC / DLP/Hardening etc. )
3. Research and evaluate new and emerging information security technologies.
4. Provide information system related security advisories and consultation for projects. This may include (1) vendor evaluation, (2) technical design, (3) project information security risk assessment.
5. Participate in review of security baselines for information security related infrastructures.
6. Support due diligence related to information system security area.
7. As a computer security incident management team member and effectively respond or support various unpreventable computer security incidents
8. Be as bank IS awareness program promotion team member, coordinate bank BU/SU reps for security issue identifying / solutionning / awareness improving.
9. Ensure Outsource Service Providers (OSPs) comply with established/agreed processes and procedures through random assurance checks and verification
10. Conduct penetration tests in accordance with established guidelines and regulatory requirements.
11. Monitor industry for threats/potential threats, assess, recommend and ensure appropriate actions are taken
12. Ensure that the Bank is prepared to handle computer security incident in term of his/her assigned working scope.
13. Review and manage firewalls, patch and intrusion detection management.

Experience
* More than 8 years’ experience of working experience in Information Security.
* Familiar with the network security information and related products (e.g. Firewall / IDS / Sniff), familiar with the information security management system.
* Familiar with the System hardening on Windows 2000 above and Unix/Linux, etc.
* Two or more years’ experience identifying and responding to hacking incidents, large and small scale virus infections and analyzing systems for symptoms of compromise. (preferred)
* Ability to plan, organize, and effectively participate in projects and lead project tracks
* Ability to provide the information solution individually.
* Is bilingual and fluent in both English and Mandarin languages.
* Effective interpersonal skills, ability to communicate complex issues, designs etc. effectively and to communicate statuses and other business
* A team player, self-motivated, and resulted driven

Education / Preferred Qualifications
* Minimum bachelor’s degree with major of Computer related.
* Working experience in bank is preferred.
* Professional certification of respective IT areas( e.g.HCIE / CCIE / CISP / CISSP / CCSA / CCSE/ CCNA) is preferred.