Company: Cathay Pacific
Closing Date: "No Closing Date Stated"
The Position:Join our IT Infrastructure and Operations, Security Team and help analyze Corporate Information Security environment, recommend security measures to safeguard Cathay Pacific’s valuable IT assets.
Key Responsibilities:- Work with business units to provide an advisory role, achieve security requirements by enforcing security control policies as planned
- Report to senior management concerning residual risk, vulnerabilities and other security exposures, including misuse of information assets and noncompliance
- Assist in development of security architecture, policies, principles and standards
- Resolve negative audit findings reported by internal and external audits
- Validate and enforcing baseline security configurations for operating systems, applications, networking and telecommunications equipment
- Monitor compliance reviews and carry out assessments; follow up on deficiencies identified and ensure remediation steps have been taken
- Manage day-to-day identity and access management maintenance; process normal and exception-based security authorization requests
Job Requirements :- Bachelors degree in Computer Science or related field
- Minimum 6 years’ solid working experience in the IT industry, with at least 2 years in security role
- Experience with common information security management frameworks, such as ISO 27001, CobiT, ITIL
- Proficiency in performing risk, business impact, control and vulnerability assessments
- Broad infrastructure and technology background including proven background in security management and vendor management
- Experience in developing, documenting, and maintaining security policies, processes, and procedures
- Possess domain competencies in various IT-risk-related disciplines, including security, business continuity management, privacy and compliance
- Strong problem solving and analytical skills
- Effective communication and interpersonal skills
- Strong knowledge of Internet application security, including common Internet application vulnerabilities and network architecture
- Certification in Information Security disciplines such as CCSK, CISM, CISA or CISSP preferred
- In-depth knowledge of Active Directory, Novell and TCP/IP based networks (both LAN & WAN)
- In-depth experience of working with security monitoring tools and methods
- In-depth experience of managing recovery from an incident or major disaster
- Knowledge of Information Security best practices, such as PCIDSS or Secure SDLC preferred
Cathay Pacific is an Equal Opportunities Employer. Personal data provided by job applicants will be used strictly in accordance with our personal data policy and for recruitment purposes only. Candidates not notified within eight weeks may consider their application unsuccessful. All related information will be kept in our file for up to 24 months. A copy of our Personal Information Collection Statement will be provided upon request by contacting our Data Protection Officer.
Enter multiple emails separated with a semi-colon (;).