IT Infrastructure Engineer (focus on IT security)
- Work in the IT Infrastructure team with main focus on infrastructure security;
- Act as an internal adviser for all IT infrastructure security matters to other IT teams;
- Design and implement infrastructure security projects including APT solution, SIEM, security training, vulnerability and patch management, privilege account management, NAC, UEBA, WAF, network device, NG firewall, IPS, DLP, secured web proxy, DR site, anti-virus and anti-malware, VPN…etc. and administer and maintain and support the above platforms and solutions.
- Lead and handle infrastructure security requests, incidents or breaches day to day. Proactively follow through and provide support to the case, mitigation and recovery, investigation, reporting and improvement in the future;
- Establish and enrich IT security policies, standards, procedures and guidelines with up-to-date industry standard. Review and identify IT security risk and recommend improvement resolution;
- Develop and enrich security breach contingency plan document. Lead and execute drills as according to the plan regularly;
- Plan, coordinate and conduct IT security audit, regular security assessment and penetration test solely or with external parties. Prepare the result and provide recommendation for the test results.
- Plan, coordinate and conduct regular employee security training;
- Research on new information security technology and perform product evaluation with vendors.
- Provide day-to-day maintenance and support on general infrastructure areas as well.
- Bachelor degree in Information Security, Information Technology, Computer Science or related disciplines;
- Minimum 4 years practical experience in IT infrastructure. Candidate with less experience will also be considered as junior role;
- Proficient level of familiarity with infrastructure administration e.g. network device, firewall, IPS, VPN, APT protection, anti-virus and malware, NAC and WIFI…etc;
- Experience in using Windows, Linux, VMWare and SAN is added advantage;
- Experience in using issue tracking systems, network monitoring system is added advantage;
- IT security certification holder such as CISSP or equivalent is added advantage;
- Hand on experience in IT infrastructure or security project management, emergency mitigation and IT security assessment is preferable;
- Working experience in FSI sector is an added advantage;
- Sound knowledge of Splunk Enterprise Security is an added advantage;