· Develop, enhance and maintain IT security Policies, Guidelines, Procedures
· Conduct risk assessments and make recommendations to meet company's security requirements
· Ensure that previous audit/security recommendations are addressed and implemented
· Identify best practices to meet security requirements
· Perform vulnerability scanning and penetration testing on critical platforms
· Security incident handling and investigation
· Implement and maintain firewall, anti-virus and intrusion detection systems
· Maintain legal compliance in data security
· Maintain PCIDSS compliance
· Coordinate with different internal teams to implement BCP and DRP
· Provide IT Security awareness training to company users
· Diploma or above in Computer Science / Information Technology or related discipline
· 2 years of working experience in Information Security, IT Security, IT Risk Management or IT Audit
· Security experience in the following preferred: PCIDSS compliance, Vulnerability Scanning, Hardening, Penetration Testing
· Hands on experience in Firewall, Windows systems, Linux systems and vulnerability assessment tool will be an advantage
· Excellent communication and interpersonal skills
· Experience in implementation of IT security management such as ISO 27001 or PCIDSS
· Strong desire to learn new technologies
· Can work independently, innovative, self-motivated and strong problem solving skills
· IT Security qualifications such as CISSP, CISM or CISA preferred but NOT a must
· Good command of spoken and written English or Cantonese
Candidate with less experience will be considered as an assistant IT Security Officer.
We offer attractive remuneration, 5-day work week, medical insurance and other fringe benefits to the right candidate. Interested parties please send your full resume with date of availability and expected salary to the email [email protected].
Applicants not hearing from us within 6 weeks may consider their applications unsuccessful. We may also consider their application for other or future vacancies. Personal data of unsuccessful applicants will be retained for a maximum period of 6 months.