Our client, a leading Investment Bank, quickly expanding in the region, is looking for an experienced Information Security Specialist to establish InfoSec framework, policy and program across the firm. Great exposure and opportunity to grow.

Responsibilities:
– Manage and support the execution of the Information Security Strategy, Program, Policies, Standards and Reporting. Work closely with Senior IT stakeholders including CIO.
– Maintaining the applications security framework and provide security assessments such as code reviewing and web scanning for in-house applications.
– Ensure infrastructure related risks are appropriately communicated and mitigated.
– Provide assessment on vendor or new security technology.
– Track and manage IS related Audit.
– Evaluate and assesses new / emerging technologies to cope with changing risk of the firm’s environment.
– Provide threat management for spyware, viruses, worms, spam and malicious code.
– Provide security management with reporting of security service and operations.

Qualifications:
– At least 4 years experience in IT Security and Risk from an enterprise level environment.
– Experience in analysing web application, network and database security.
– Knowledge in technologies including Windows / Unix / AIX, Network, Firewall (Cisco), Databases, Antivirus / malware, etc.
– Experience in deploying security solutions including vulnerability management, patch management, log management or DLP solution etc.
– Excellent Communication skills in English, Cantonese and Mandarin.
– Security Certificates in CGEIT, CISM, CISA, CISSP or CRISC, or equivalent.
This is a renewable contract with a high chance to go perm. Candidates who have infrastructure experience wanting to get into IT Security will also be considered