Infrastructure Security Specialist
Hong Kong, Hong Kong, Hong Kong
Applications have closed
Sopra Steria
Sopra Steria, a European Tech leader recognised for its consulting, digital services and software development, helps its clients drive their digital transformation to obtain tangible and sustainable benefits.Sopra Steria is a listed European tech leader specializes in Consulting, Digital Service, and Software. We have 50,000 employees worldwide located in different regions (Europe, North America and Asia), whereby Singapore is the HQ for APAC. EvaGroup Asia Pacific is part of Sopra Steria I2S APAC, in charge of Infrastructure, Cloud and Cybersecurity services.
Responsibilities
- Work closely with SOC, CERT and other security teams and Infrastructure skill teams in daily operation and review security requirements
- Exception management: Evaluate and manage infrastructure security exceptions
- Vulnerability management: Conduct scan, assessment and remediation follow-up
- Incident management: Report and follow security incidents and their remedial actions
- Request / Change management: Conduct security assessment for infrastructure request & changes
- Review security architecture proposed by other infrastructure teams
- Deliver innovation initiative to improve overall infrastructure security and efficiency
- Manage and execute the Infrastructure related security projects
- Be the security Interface with stakeholders at all levels, from technical engineers to senior management
- locally, regionally and globally
- Work closely with other risk and security departments, including all 3 lines of defence
- Cyber reporting: Production of various cyber security reporting (KPIs; KRIs). Coordinate among
- Infrastructure teams to contribute to external stakeholders reporting and requests
- Conduct security & risk awareness training to the Infrastructure teams
Requirements
Knowledge
- Knowledge and hands-on experiences in IT, Infrastructure and information security
- Knowledge and experience in IT infrastructure (speak the language, expertise not required)
- Knowledge in technology regulatory requirement like HKMA, SFC, MAS, GDPR, CBIRC, etc. is required
- Project management experience is desired
- Knowledge and experience in a banking environment will be beneficial but not essential
- Knowledge in the MITRE ATT&CK framework and hands-on experience on security incident investigation processes & techniques
- Security knowledge in the Public Cloud, development and specific Infrastructure domains are a plus
- Professional certification recognized by Regulatory bodies like HKMA, e.g. CISM, CISA or CISSP, is mandatory
Tools
- Hands on knowledge on Security Products/tools such as Identity Management Solution, SIEM, vulnerability management and other security products
- Scripting and automation skills is a plus
Soft Skills
- 3 - 5 years relevant experience
- Able to organize time, multitask, and define priorities (autonomy)
- Able to interact with all level of the organization from operators to executive management members
- Must be able to work collaboratively within a complex organization, across multiple cultures, geographies and disciplines
- Good communication and interpersonal skills
- English proficiency is essential, other spoken languages in the APAC region or French is an advantage
* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰
Tags: Automation Banking CERT CISA CISM CISSP Cloud GDPR IT infrastructure KPIs MITRE ATT&CK Scripting Security assessment SIEM SOC Vulnerability management
More jobs like this
Explore more InfoSec / Cybersecurity career opportunities
Find even more open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Management, Cryptography, Digital Forensics and Cyber Security in general - ordered by popularity of job title or skills, toolset and products used - below.
- Open Information Security Officer jobs
- Open Ethical hacker / Pentester H/F jobs
- Open Information Systems Security Officer (ISSO) jobs
- Open Senior Cyber Security Engineer jobs
- Open Principal Security Engineer jobs
- Open Cyber Security Architect jobs
- Open Manager Pentest H/F jobs
- Open Product Security Engineer jobs
- Open Cyber Security Specialist jobs
- Open Staff Security Engineer jobs
- Open Chief Information Security Officer jobs
- Open Cybersecurity Analyst jobs
- Open Senior Information Security Analyst jobs
- Open Consultant infrastructure sécurité H/F jobs
- Open IT Security Analyst jobs
- Open Cybersecurity Consultant jobs
- Open Consultant SOC / CERT H/F jobs
- Open Senior Penetration Tester jobs
- Open Security Specialist jobs
- Open Senior Information Security Engineer jobs
- Open Security Researcher jobs
- Open IT Security Engineer jobs
- Open Cybersecurity Specialist jobs
- Open Senior Security Architect jobs
- Open Sr. Security Engineer jobs
- Open Windows-related jobs
- Open CISM-related jobs
- Open Network security-related jobs
- Open Pentesting-related jobs
- Open ISO 27001-related jobs
- Open Application security-related jobs
- Open Agile-related jobs
- Open GCP-related jobs
- Open Vulnerability management-related jobs
- Open CISA-related jobs
- Open Analytics-related jobs
- Open IAM-related jobs
- Open Threat intelligence-related jobs
- Open SaaS-related jobs
- Open APIs-related jobs
- Open Security assessment-related jobs
- Open Java-related jobs
- Open Malware-related jobs
- Open Forensics-related jobs
- Open DevOps-related jobs
- Open IDS-related jobs
- Open Security Clearance-related jobs
- Open CEH-related jobs
- Open EDR-related jobs
- Open Kubernetes-related jobs