Job Description:

• Develop and maintain the corporate cyber security policies and procedures
• Supervise the execution and follow-up of the security incident handing process
• Liaise with the government for implementing cyber security controls
• Supervise the development and review of cyber security related procedures
• Attend meetings with other business units for implementing cyber security controls
• Supervise Security Tasks and Resources Planning
• Monitor Security Testing Schedule
• Attend meetings with other IT units for defining pen-testing scope
• Supervise the design and development of Pen-test and Security Test Cases
• Supervise the execution of Pen-test and Security Tests
• Verify pen-test findings and suggest necessary improvements
• Supervise the customization and improvement of open source Pen-test tools and scripts
• Supervise and review security hardening standards
• Supervise the research of emerging security threats and testing techniques
• Supervise the development of new security metric dashboards
• Supervise and review the design and development of pen-testing and security test techniques
• Supervise the monitoring of security metrics dashboards
• Develop extra security controls arising from the latest DICJ requirements and Cyber security Law
• Supervise the development of New Threat Detection Techniques
• Automate internal process and procedures
• Develop and organize pen-testing training to junior team members
• Recommend necessary online learning and internet materials on cyber security and pen-testing to junior team members
• Supervise the arrangement of security training to internal IT units
• Supervise Knowledge Sharing and Maintenance of the latest Cyber security techniques and knowledge


Job Requirement:

• Bachelor Degree holder in Computer Science, Electronic Engineering or Information Technology related fields is a minimum
• Possess OSCP and CISSP / CISA / ISO27001 / CSX or other industry recognized security certification strongly preferred
• Minimum 5 years relevant experience in Information / IT Security Management / Project Management / Security Controls Implementation / Security Standard / Security Procedure / Security Guideline writing
• Experience with Security Acceptance Test and Security Exposure Risk Assessment
• Experience with Privilege ID & Identity & Access Governance, Key Management, End-Point Security, Security Scanning, Penetration Test, Cyber Security Assurance
• Experience in assessment of security controls, application security, security exposure risk, network segmentation, network perimeter defense
• Experience with applications and associated security risks
• Experience in vendor management
• Experience in Hospitality or Gaming Industry is preferred
• Knowledge in Information, Data, Network and Cyber Security technologies
• Knowledge in Hospitality or Gaming System and Infrastructure is a plus
• Proficient in spoken and written English
• Fluent in Cantonese and Mandarin speaking is preferred
• Good presentation skill and able to explain technology strategic to non-IT user
• Possess of good analytical skill and be detail oriented
• Strong desire to adopt new tools and technologies
• Excellent problem solving and documentation skills
• Excellent verbal and written communication skills
• With Self-motivated and strong inter-personal skills working in a team
• Process and performance minded with strong sense of discipline
• Be able to work independently with minimal supervision of his/her supervisor
• Be able to handle multiple tasks with good sense of priority
• Ability to prioritize workload effectively and to undertake tasks using own initiative







Interested parties, please apply via:
• Email the detailed resume to careers@macausjm.com
• Hotline 89820288 / 68827116