Last Updated: 2022/07/15
Company: Information Security Industry: Casino Resorts
Responsibilities:
Assist in strategic information security planning based on industry-standard best practices to achieve business goals by prioritizing defense initiatives and coordinating the evaluation, deployment, and management of current and future information security technologies
Administer CyberSecurity tools, such as DLP, Web Security Gateway, MDM, VPN, Vulnerability Management, Server Policy Compliance Management, PIM, IAM and MFA
Experience with ITIL methodology
Participate in evaluating, planning, and implementing of new CyberSecurity technologies and systems
Creates, identifies and enhances processes that may leverage new or existing technologies to improve protection or reduce risk
Responsible for managing DLP enhancement, triage of information security incidents and perform malware analysis and reverse engineering
Assist in identifying data leakages such as Personally Identifiable Information (PII), confidential, or restricted communications
Performs periodic and on-demand system audits and vulnerability assessments
Monitor and analyze logs / alerts from SIEM and variety of CyberSecurity tools, such as NIPS, Anti-Virus, APT in order to enhance security postures
Monitor cloud and local environment on an ongoing basis to ensure that it remains secure and compliant with external regulations
Review firewall change requests and assess organizational risk
Prepares incident reports of analysis methodology, root cause, and improvement plan
Develops, implements, and maintains a corporate-wide risk management and employee training / awareness program
Participate in developing, implementing and assessing data security procedures and controls to ensure compliance with applicable regulatory and legal requirements, such as DICJ, SOX, and ISO27001
Participate in maintaining information security and risk management policies, procedures and technical standards to support corporate objectives
Participate in internal audit and prepare risk assessment reports associated with IT infrastructure, system accesses, and potential threats/risks etc.,
Performs periodic risk assessments of existing application and infrastructure functionality Remain informed on current standards, trends, and issues in the information security industry
Requirements:
Bachelor’s Degree in Computer Science or other related scientific or technical discipline, CISSP, or security-related certifications is preferred
3+ years’ relevant experience in information security, 2+ years’ experience with installation, configuration, and administration of Forcepoint DLP System
Experience with other security tools, such as, Forcepoint WSG, CyberArk PIM, ArcSight SIEM, RSA MFA, FireEye APT, QualysGuard, Symantec SEP, and with multiple operating systems security: Windows 2008/2012/2016, Windows 7/8/10, MacOS, Unix, and Linux.
Understanding of network design, architecture, OSI model and TCP/IP
Knowledgeable of exploitation methods, attacks and tools used by skilled hackers
Exposure to Cloud computing
Ability to maintain discretion and with strong analytical skills/problem solving/conceptual thinking
Excellent written and verbal communication in English (and preferably Cantonese or Mandarin)