Location: HKEX - TKO Shift: Standard - 40 Hours (Hong Kong SAR) Scheduled Weekly Hours: 40 Worker Type: Contract Job Summary: The Information Security Engineer is responsible for designing, building and maintaining enterprise IT security solutions to address the organization's security requirements. Reporting to the Information Security Services Lead, this role will work closely with IT Innovation Lab, software engineering teams, IT infrastructure team, IT compliance, security operations and cyber technology risk team. You play a key role in protecting the organization. Job Duties: Responsibilities: Engineer, implement and monitor security measures for the protection of computer systems, networks and information Identify and define system security requirements Design computer security architecture and develop detailed cyber security designs Configure and troubleshoot security systems and infrastructure devices Develop technical solutions and new security tools to help mitigate security vulnerabilities and automate repeatable tasks Maintain all solution design documentation, processes, procedures and report on metrics to demonstrate effective and efficient management of services, especially SIEM Delivery security service on-boarding such as connecting systems to SIEM Review IT systems to ensure that they have met security acceptance criteria. Work with product vendors and suppliers to maintain and enhance existing security tooling and products Ensure that the organization security tools can detect and help with the response to cyber security incidents. Document and validate disaster recovery testing for CyberSecurity tools. Write comprehensive reports including assessment-based findings, outcomes and propositions for further system security enhancements Support in managing the Total Cost of Ownership (TCO) for security solutions which includes new investments and business-as-usual financials. Design and execute processes to make BAU changes to security tools Automate or script changes and validation processes Requirements: Proven work experience as a System Security Engineer or Information Security Engineer Experience in building, maintaining and operating security systems and platforms Hands on experience in a number of security systems, including log management, content filtering, SOC tools, threat detection etc Experience with network security and networking technologies and with system, security, and network monitoring tools Thorough understanding of the latest security principles, techniques, and protocols (such as zero trust, etc) Problem solving skills and ability to work under pressure Must have strong information security technology knowledge/concepts and can effectively communicate with senior management and a broad range of technical/non-technical audiences. Strong written communication skills and verbal presentations to senior management. Must have a relevant University degree in Computer Science, Information Management, or related field, or equivalent experience. Good presentation, project planning and documentation skills Familiarity with web related technologies (Web applications, Web Services, Service Oriented Architectures) and of network/web related protocols Familiarity with application, database and operating system security Familiarity with cloud security technologies (AWS or Azure is preferred) Familiarity with risk / control frameworks, such as Mitre ATT&CK, D3FEND, OWASP, NIST Cybersecurity Framework Familiarity in scripting or automation is an added advantage Familiarity with Identity and Lifecycle management is an advantage Previous experience in regulated environments is an added advantage Company Introduction: Hong Kong Exchanges and Clearing Limited (HKEX) is one of the world's major exchange groups, and operates a range of equity, commodity, fixed income and currency markets. HKEX is the world's leading IPO market and as Hong Kong's only securities and derivatives exchange and sole operator of its clearing houses, it is uniquely placed to offer regional and international investors access to Asia's most vibrant markets. As the global markets leader in the Asian time-zone, we offer a world of opportunities for early careers and experienced hires. Here, we know that diverse thinking fosters better solutions, and we are committed to building an open and dynamic environment which allows our business to innovate and our people to thrive. Discover the latest career opportunities and programmes at HKEX. HKEX is committed as an Equal Opportunity Employer. Diversity is one of our core values and we look to support, respect diverse perspectives, abilities, culture and experiences within our workplace.
x
