Reports to: Senior Manager – Cyber Security Operations Architecture

Department: Group IT Security

Job Purpose:

This role is part of the Group IT Function and has a main responsibility for global cyber threat intelligence (CTI) development and delivery, develop the strategy and implementing Cybersecurity technologies to support the activities related to Security Operations Centre.

This role will be accountable for the CTI development and support, architecture design, technical analysis, solution implementation, and project management for the projects associated with the SOC operations.   The individual requires full coordination with various teams on aligning the deliverables, resolving technical issues that could impact project delivery and monitoring the execution progress with clear success criteria.

Key Responsibilities:

• Degree holder in Computer Science or related disciplines. GIAC Cyber Security Cert or CISSP qualification is preferred
• At least 3 to 5 years experiences with Cybersecurity project implementation/SOC operations are a big plus.
• Ability to manage multiple projects simultaneously
• Ability to resolve conflicts and drive issues to resolution
• Ability to work independently with little or no supervision while maintaining a high level of efficiency
• Strong problem-solving skills and fast learner.
• Liaison skill & teamwork, passion & commitment mentality
• Good interpersonal and communication skills.
• Good command of written and spoken English and Chinese (Mandarin and Cantonese)
• Possession of excellent presentation and briefing skills

Technical Requirements:

• Solid support experiences on SOC operations and project implementations including the integration of other enterprise security tools such as SIEM, SOAR, EDR, NDR, EPP, and other Cybersecurity solutions.

• Good knowledge of SOC design, integration, implementation, and verification
• Good understanding of security incident handling and SOC operating model
• Broad knowledge of cyber security concepts including vulnerabilities, web and application security, access controls and secure architectures.

• Understanding modelling and capable of creating high level models to validate architecture decisions and measure bandwidth performance compared to requirements
• Project management experience preferred
• Familiar with the MITRE ATT&CK Framework, NIST CSF, CIS Controls, Threat modelling, OWASP Top Ten Most Critical Web Application Security Risks.