Position Description
We are looking for an IT Security Analyst who is proactive, self-motivate, willing- to-do attitude to be part of an international IT Security team to engineer and support security solutions.
As a team member in IT security team, you will be a contributor to the company’s IT and Cyber security strategy and operations. You and your team will be managing a portfolio of IT security tools in identity access management, network intrusion detection system, endpoint protection, email security, data leakage protection, application security, and other information security controls.
Key Areas of Responsibilities
- Conduct penetration testing, vulnerability scanning and code review on different IT systems and technologies
- Perform architecture Review and security assessments on IT systems’ design, configuration, source code review on both On-Perm and Cloud
- Conduct Cyber-attack simulation using red team / blue team / purple team exercises
- Prepare and review reports on identified security vulnerabilities and possible recommendations to remediate the vulnerabilities
- Perform access review for vendor and guest access on IT systems and services.
- Assist on Evaluating, Design, planning and implementing IT security solutions, such as Web Application Firewalls, Single Sign On/MFA, Biometric authentication, Cloud Based Public Key Infrastructure (PKI), Malware Sandboxing, AI red teaming, Zero Trust Solutions, etc.
- Assist on first and second level support for some of IT security controls and tools including penetration test tools, vulnerability scanning tools, etc.
- Be the subject matter expert for some of the IT Security tools.
- Build and maintain an effective working relationship with the team’s key stakeholders - IT Security team members, IT teams and business teams.
- Design and deliver new strategic security initiatives with collaboration from business partners.
- Maintain an Up-to-date understanding of the latest threats, vulnerabilities, mitigation and industry best practices, Post Quantum Computing standard (ML-KEM, ML-DSA, SLA-DSA), and developments in Artificial Intelligence.
Requirements
- Bachelor Degree of above in IT, Computer Science
- 3-5 years related experience in cybersecurity, with knowledge in regulatories
- Preferably holds IT Security Certifications such as CISSP, CISA, CISM, etc. Certificates related to offensive security (e.g. OSCP, OSWP, OSEP or equivalent) are an advantage.
- Candidates with backgrounds in Big4, IT consultancy firms, or Cyber Threat Intelligence are welcome to apply
- Hands-on experience with penetration test and vulnerability scanning tools such as Burp Suite, Metasploit, ZAP, Qualys, Tenable/Nessus, Nmap, etc
- Strong communication skills in English and Chinese, as well as project management skills
- Experience of offensive security services on Web, Network, Server, Client Apps, Mobile, AI, Internet of Thing (IOT) is required:
- Penetration testing
- Security risk assessment/technical review
- Configuration review
- Vulnerability scanning and assessment
- Knowledge and understanding of the following areas are the foundation to succeed on this role:
- Microsoft 365 cloud services – e.g. Exchange online, Sharepoint, OneDrive, Teams, etc
- Public Cloud computing platforms - Microsoft Azure, AWS, GCP, Ali Cloud, Tencent Cloud, etc
- AI Tools/Models - OpenAI GPT, Anthropic Claude, Google Gemini, Microsoft Copilot, Amazon Bedrock, Grok
- IP/Cisco Networking
- Virtualization Technology
- Microsoft Active Directory, Microsoft Certificate Authority, Microsoft Windows servers and Linux
- Storage and Database fundamental
Good-to-have
- Knowledge of two or more of the following security areas belowis a plus :
- Web Application Firewalls (Akamai, Cloudflare, AWS WAF, Azure WAF), Web filtering, DDoS protection
- Single Sign On/MFA (Microsoft Entra/Okta/Cisco Duo)
- Malware Sandboxing, Microsoft Cloud PKI and Intune
- Zero Trust Solution (Zscaler, Palo Alto Networks, Microsoft Entra Private Access)
Job ID JR003009
CITIC CLSA provides global investors and corporate executives with insights, liquidity and capital to drive their growth strategies.
Award-winning re...
More Jobs From CITIC CLSA
CITIC CLSA
Hong Kong
CITIC CLSA
Hong Kong
CITIC CLSA
Hong Kong
Boost your career
Find thousands of job opportunities by signing up to eFinancialCareers today.Recommended Jobs