Specialist, IT Risk & Security
Apply now
Job no: 497198
Work type: Full time
Location: Hong Kong SAR
Department: IT and Digital
HK Express is Hong Kong’s first and only low-cost carrier, always offering great value, affordable fares on one of the youngest and most modern aircraft fleets in the world.
Like you, and just like many people across Asia, we love to travel and discover new places across the world’s most diverse and dynamic region; and at HK Express, we’re opening up new travel experiences that inspire and invigorate millions of people across the region we’re proud to call home. Everything we do is focused on encouraging the spirit of adventure. Our routes provide the inspiration and spontaneity to try somewhere new, disrupting monotonous modern life. As we continue to open up new routes, often in secondary and emerging destinations, our passengers will gain access to an incredible range of places, exploring hidden gems and experiencing local cultures.
We have a diverse and vibrant team that embodies the adventurous spirit of our customers, and loves to travel too. Join us in this journey to make your career even more fulfilling and rewarding.
Role Purpose
- Conduct a security risk assessment for new business initiatives and solutions;
- Support IT security project implementation;
- Perform security testing to enhance the company’s security assurance level;
- Provide information security advisory to business units where required, through participation in advisory engagements;
- Perform threat management, threat modelling, identify threat vectors and develop use cases for security monitoring;
- Response to security incidents and create security incident reports;
- Conduct a cyber-attack simulation to evaluate the effectiveness of cyber defences across different technology layers;
- Perform security awareness training for all company users
- Creation of reports, dashboards, metrics for SOC operations.
- Cooperate with outsourced Security Operation Centre to handle security findings;
- Support 7/24 on-call for emergency support.
The Ideal Candidate
- Bachelor’s Degree in computer science or IT-related discipline;
- Minimum 5 years working experience, with a minimum of 2 years hands-on experience in Information Security, Internal Control or Operations Risk;
- Experience in Security Operations, SOC, SIEM, Incident Response, and Threat Intelligence is preferred;
- Experience in Penetration testing and common vulnerability assessment tools, as well as, using MITRE ATT&CK or similar frameworks is preferred;
- Practical experience of technical and security configuration, operation and administration in Windows OS, Active Directory,
- Domain Group Policy, Linux, Networking, security devices (firewall, NAS, etc.) is preferred ;
- Knowledge of Cloud environments such as AliClould, Azure and GCP is preferred;
- Possess CISSP, CSX, CISA, CISM or other information systems security certifications preferred;
- Good command of written and spoken English & Chinese.
- Stakeholder orientated
Your Future Work Life
- Fly anywhere we fly for free with your friends and family to explore the world
- Hybrid working with flexibility in workplace and working hours to foster work-life harmony
- Open office to collaborate, connect and share great ideas
- Energetic and multicultural teammates from up to 50 nationalities!
- Company-organized shuttle buses connecting the workplace with major locations in the HK Island, Kowloon and N.T.
Advertised: China Standard Time
Applications close:
Back to search results Apply now Refer a friend