The Hong Kong Jockey Club

Technical Manager, Cyber Defense Engineering

Hong Kong

22 days ago

Summary

The Department

The Cyber Security Department is responsible for enhancing the resiliency of the Club's information, information systems and network infrastructure, as well as identifying security threats and vulnerabilities and effectively managing the risks. The team also works to ensure the Club's conformance to local cyber laws and regulations.

The Job

You will:

  • Develop, test and fine-tune our detection capabilities, response playbooks, EDR rules and threat intel feed coverage
  • Identify and implement API integrations to reduce the time required by the SOC Team to perform enrichment, response and/or containment activities
  • Develop and maintain a mapping of the security monitoring use cases against the MITRE ATT&CK Framework, and the corresponding playbooks
  • Onboard security logs required for security monitoring and incident response purposes
  • Manage the backlog prioritisation, working with the SOC Team to ensure the appropriate prioritisation of the issues and enhancements
  • Ensure the security monitoring correlation rules and response playbooks are tested and optimised to meet the performance and accuracy criteria
  • Develop capabilities to monitor security logging coverage, and a remediation workflow to notify the log source owners to investigate and rectify the issues, if any
  • Lead the team to perform regular reviews and attack simulations, to identify potential detection gaps and remediate them
  • Ensure the underlying platforms supporting the SOC Team are operating optimally and perform regular maintenance activities on them


About You

You should have:

  • Degree in Computer Science, Information Security, and/or related discipline
  • 8 years or more of working experience in the related field, with at least 5 years in an engineering role
  • Strong experience covering technologies for Cyber Threat Intelligence, Security Monitoring & Response, and Security Analytics
  • High degree of logical and analytical thinking skills
  • Excellent interpersonal, collaborative and communication skills
  • Well-disciplined with exemplary professional competence and integrity
  • Experience with the following services and technologies – SIEM, SOAR, Threat Intel Platform, UEBA, Breach Attack Simulation, API, Python
  • Industry-recognised certification in one or more of the following – CISSP, CISM, GCIA, GCIH, GSOC, etc.


Terms of Employment

The level of appointment will be commensurate with qualification and experience.

Enquiries

We are an equal opportunity employer. Personal data provided by job applicants will be used strictly in accordance with the Club's notice to employees and prospective employees relating to the Personal Data (Privacy) Ordinance, a copy of which will be provided immediately upon request.
