Analyst – Information Security (Operations)Ref:217530

Last Updated: 2022/07/15

Company: Information Security Industry: Casino Resorts


Responsibilities:

  • Assist in strategic information security planning based on industry-standard best practices to achieve business goals by prioritizing defense initiatives and coordinating the evaluation, deployment, and management of current and future information security technologies

  • Administer CyberSecurity tools, such as DLP, Web Security Gateway, MDM, VPN, Vulnerability Management, Server Policy Compliance Management, PIM, IAM and MFA

  • Experience with ITIL methodology

  • Participate in evaluating, planning, and implementing of new CyberSecurity technologies and systems

  • Creates, identifies and enhances processes that may leverage new or existing technologies to improve protection or reduce risk

  •  Responsible for managing DLP enhancement, triage of information security incidents and perform malware analysis and reverse engineering

  •  Assist in identifying data leakages such as Personally Identifiable Information (PII), confidential, or restricted communications

  • Performs periodic and on-demand system audits and vulnerability assessments

  • Monitor and analyze logs / alerts from SIEM and variety of CyberSecurity tools, such as NIPS, Anti-Virus, APT in order to enhance security postures

  • Monitor cloud and local environment on an ongoing basis to ensure that it remains secure and compliant with external regulations

  • Review firewall change requests and assess organizational risk

  • Prepares incident reports of analysis methodology, root cause, and improvement plan

  • Develops, implements, and maintains a corporate-wide risk management and employee training / awareness program

  • Participate in developing, implementing and assessing data security procedures and controls to ensure compliance with applicable regulatory and legal requirements, such as DICJ, SOX, and ISO27001

  • Participate in maintaining information security and risk management policies, procedures and technical standards to support corporate objectives

  • Participate in internal audit and prepare risk assessment reports associated with IT infrastructure, system accesses, and potential threats/risks etc.,

  • Performs periodic risk assessments of existing application and infrastructure functionality Remain informed on current standards, trends, and issues in the information security industry

Requirements:

  • Bachelor’s Degree in Computer Science or other related scientific or technical discipline, CISSP, or security-related certifications is preferred

  • 3+ years’ relevant experience in information security, 2+ years’ experience with installation, configuration, and administration of Forcepoint DLP System

  • Experience with other security tools, such as, Forcepoint WSG, CyberArk PIM, ArcSight SIEM, RSA MFA, FireEye APT, QualysGuard, Symantec SEP, and with multiple operating systems security: Windows 2008/2012/2016, Windows 7/8/10, MacOS, Unix, and Linux.

  • Understanding of network design, architecture, OSI model and TCP/IP

  • Knowledgeable of exploitation methods, attacks and tools used by skilled hackers

  • Exposure to Cloud computing

  • Ability to maintain discretion and with strong analytical skills/problem solving/conceptual thinking

  • Excellent written and verbal communication in English (and preferably Cantonese or Mandarin)

apply