Infrastructure Security Specialist

About EvaBssi

EvaBssi is an international consulting firm in cybersecurity and IS performance.

EvaBssi has been assisting large accounts and small & medium enterprises in the luxury goods, banking, industry, and services sectors, as well as government agencies for 15 years.

Specialized in cybersecurity, cloud and infrastructures, EvaBssi combines methodological know-how, high level of technical expertise and R&D.

An answer to our clients’ challenges:

  • Control cyber risks
  • Identify, protect, detect, respond and recover
  • Design, build and operate innovative and efficient IS

EvaBssi has been awarded the HappyAtWork© label and has 8 offices on 4 continents.

Description

  • Work closely with SOC, CERT and other security teams and Infrastructure skill teams in daily operation and review security requirements
  • Exception management: Evaluate and manage infrastructure security exceptions
  • Vulnerability management: Conduct scan, assessment and remediation follow-up
  • Incident management: Report and follow security incidents and their remedial actions
  • Request / Change management: Conduct security assessment for infrastructure request & changes
  • Review security architecture proposed by other infrastructure teams
  • Deliver innovation initiative to improve overall infrastructure security and efficiency
  • Manage and execute the Infrastructure related security projects
  • Be the security Interface with stakeholders at all levels, from technical engineers to senior management
  • locally, regionally and globally
  • Work closely with other risk and security departments, including all 3 lines of defence
  • Cyber reporting: Production of various cyber security reporting (KPIs; KRIs). Coordinate among
  • Infrastructure teams to contribute to external stakeholders reporting and requests
  • Conduct security & risk awareness training to the Infrastructure teams

Requirements

Knowledge

  • Knowledge and hands-on experiences in IT, Infrastructure and information security
  • Knowledge and experience in IT infrastructure (speak the language, expertise not required)
  • Knowledge in technology regulatory requirement like HKMA, SFC, MAS, GDPR, CBIRC, etc. is required
  • Project management experience is desired
  • Knowledge and experience in a banking environment will be beneficial but not essential
  • Knowledge in the MITRE ATT&CK framework and hands-on experience on security incident investigation processes & techniques
  • Security knowledge in the Public Cloud, development and specific Infrastructure domains are a plus
  • Professional certification recognized by Regulatory bodies like HKMA, e.g. CISM, CISA or CISSP, is mandatory

Tools

  • Hands on knowledge on Security Products/tools such as Identity Management Solution, SIEM, vulnerability management and other security products
  • Scripting and automation skills is a plus

Soft Skills

  • 3 - 5 years relevant experience
  • Able to organize time, multitask, and define priorities (autonomy)
  • Able to interact with all level of the organization from operators to executive management members
  • Must be able to work collaboratively within a complex organization, across multiple cultures, geographies and disciplines
  • Good communication and interpersonal skills
  • English proficiency is essential, other spoken languages in the APAC region or French is an advantage

To apply, please complete the form below.

5 Mo maximum, PDF format only

By clicking on "send" you agree that the information entered will be used to contact you in relation to your request and will be kept temporarily to provide you with a response.

See our privacy policy. * Mandatory fields