Key Responsibilities

• Works with information security leadership to develop strategies and plans to enforce security requirements and address identified risks
• Act as a technical Subject Matter Expert (SME) on information security system development and best practices. Provides second support and analysis during and after a security incident
• Assists with risk assessment activities, including analyzing the results of audits to produce recommendations of acceptable risk and risk mitigation strategies
• Collaborates with Information Technology staff to develop remediation plans addressing identified vulnerabilities
• Review and analyze the reports and logs from security devices and computers to identify the legitimate uses vs. malicious activities and misuse of information and data
• Researches, evaluates, tests and recommends the implementation of new or updated information security technologies
• Participates in security investigations and compliance reviews, as requested by internal or external auditors
• Work directly with the Criminal Investigations team at Wynn and understand the importance and sensitivity of data collected
• Commonly used information security and cyber security tools, SIEM, SOAR, etc.

Competencies and Requirements

Experience: Minimum 2+ years’ experience directly related to the duties and responsibilities specified
Knowledge/Certificates:
• Strong analytical skills to analyze security requirements and relate them to appropriate security controls.
• Strong understanding of cyber security concepts, common information security tools, IP, TCP/IP, and other network administration protocols.
• Experience with planning, deployment, and operation of large enterprise security management tools such as IDS/IPS (network and host), advanced anti-malware (network and endpoint), DLP, encryption, anti-virus, SIEM, firewalls, identity management, NAC, etc.
• Specific knowledge of authentications technologies such as AD, LDAP, RADIUS, TACACS+, 802.1x, NAC, Microsoft Certificate Services, and PKI in general.
Education: Diploma or degree in Information Technology field
Language Ability: Good written and spoken English and Chinese
Computer Skills: Familiar with hospitality systems management an advantage. CISP, CEH, OSCP, CPT, GCFA , CISSP, Security+ or equivalent certification preferred

For enquiries, please contact us at (853) 8889 1188 during office hours
From Monday to Friday between 9:00am and 6:00 pm

主要職責

網路安全工程師負責監控和審查資訊安全相關產品狀態和日誌，確保 IT 部門系統和服務解決針對永利業務營運、員工、客戶和業務的安全威脅、風險和攻擊夥伴。

職位介紹

• 與資訊安全領導層合作制定策略和計劃，以執行安全要求並解決已識別的風險
• 擔任資訊安全系統開發和最佳實務的技術主題專家 (SME)。 在安全事件期間和之後提供第二次支援和分析
• 協助風險評估活動，包括分析審計結果以提出可接受的風險和風險緩解策略的建議
• 與資訊科技人員合作制定針對已識別漏洞的補救計畫
• 審查和分析來自安全設備和電腦的報告和日誌，以識別資訊和資料的合法使用與惡意活動以及濫用
• 研究、評估、測試並建議實施新的或更新的資訊安全技術
• 根據內部或外部審計師的要求，參與安全調查和合規性審查
• 直接與永利刑事調查團隊合作，以了解所收集資料的重要性和敏感度
• 常用的資訊安全與網路安全工具，SIEM、SOAR等

職位要求

工作經驗：至少 2 年以上與指定職責直接相關的經驗
技能 / 證書：
強大的分析能力，能夠分析安全需求並將其與適當的安全控制相關聯。
對網路安全概念、常用資訊安全工具、IP、TCP/IP 和其他網路管理協定有深入的了解
具備規劃、部署和操作大型企業安全管理工具的經驗，例如 IDS/IPS（網路和主機）、進階反惡意軟體（網路和端點）、DLP、加密、防毒、SIEM、防火牆、身分管理、NAC等
具備特定的驗證技術知識，例如AD、LDAP、RADIUS、TACACS+、802.1x、NAC、Microsoft 憑證服務和PKI
教育程度：資訊科技領域的文憑或學位
語言能力：良好的中英文書寫與口語能力
電腦應用：熟悉酒店系統管理優先。 CISP、CEH、OSCP、CPT、GCFA、CISSP、Security+ 或同等認證優先

如有查詢，請於辦公時間星期一至五上午9時至下午6時致電（853）8889 1188