Can't find your job on the list?
IT Security Operations Manager - IC
Client Description

Renowned aviation and logistics company

Job Description

• Develop, Manage and improve operational practices including overseeing service delivery for all aspects of the managed security services provider.
• Drive Security monitoring and reporting improvements.
• Manage budgets of IT Security Operations team
• Facilitate in developing security awareness material and trainings for staff
• Managing and Mentoring IT Security Operations staff
• Overseeing the creation and maintenance of information security strategy and policy, leads security risk assessment efforts, and investigation of information security incidents.
• Ability to manage and handle multiple matters and reprioritization as required by operational and security needs
• Strong communication skills verbal and written.
• Advising and collaborating with different divisions/departments on projects, business continuity and disaster recovery plans, and audit and compliance practices.
• Lead and manage all aspects of the outsourced Security Operations Center including weekly and monthly reporting, health and operational metrics and adherence to contractual SLAs
• Manage to annual budget and ability to forecast spend
• Revise and develop processes to strengthen the current Security Operations Framework, ensure alignment with security controls
• Responsible for vendor management, understand the overall use of resources and initiate any corrective action where required for the SOC
• Responsible for integration of security tools and ensuring the right security logs are feeding the SIEM
• Ensure strong alignment with various vendors involved in Threat detection, identification and protection.
• Drive the creation of reports, dashboards, metrics for SOC operations and presentation to Leadership
• Liaison with both internal and external auditors providing evidence and managing any remediation
• Foster the use of security best practices across the SOC, team members within Global Information Security, Business segments and technology solution providers
• Ensure all operational processes, run books and platform strategies are documented, exercised and continually improved
• Provide an advisory role to IT and the Business to specify pragmatic security requirements
• Participate in Audits and help remediate the findings
• Provide oversight to all security product evaluations, IT/Business Unit Projects and security risk assessments.
• Report to senior management concerning residual risk, vulnerabilities and other security exposures, including misuse of information assets and noncompliance
• Assist in the development of security architecture, security policies, principles and standards
• Approve exception-based security requests
• Maintain up-to-date understanding of the latest threats, vulnerabilities, mitigation and industry best practices
• Provide inputs to develop Security awareness material and conduct Security awareness training to staff
• Contribute to maintain and update IT Risk Register
• Assist the Data Protection Officer in enforcing data privacy requirements for IT systems.
• Define, develop, and manage an effective and proactive Cyber security Incident Response capability using a combination of in-house, outsourced and external resources.
• Assist as necessary to investigate security breaches and pursue associated forensic analysis, disciplinary and legal matters.
• Work with Internal Audit, Legal and Compliance and outside consultants as appropriate on required security audits.
• Assist with disaster recovery activities
• Participate and Contribute in development and improvement of Data Governance and Data classification principles

Job Requirements

• Certification in information security disciplines such as CISM, CISA or CISSP
• University graduate in IT
• 10 years within IT Security field and particular in Security Operations in last 5 years.
• At least 3 years management experience
• Experience with common information security management frameworks, such as ISO 27001, CobiT, ITIL, PCI
• Experience with implementation of security technologies such as: DLP, SIEM, IPS, Anti-Virus, PKI, and cloud security
• Experience with privacy legislation
• Able to present and communicate with senior stakeholders

Information Technology
Employment Type
Salary Range
HK$ 80000 - 95000
Yr(s) of Exp
Education Required
Bachelor Degree or above
Chek Lap Kok
Post Date