Senior Analyst, Information Security (App & Infra Risk Management)

Melco Resorts

jobs-near-me.org

REQ10797 Senior Analyst, Information Security (App & Infra Risk Management) (Open Date: 09/04/2024)

POSITION SUMMARY:

As Senior Analyst, Information Security (Application & Infrastructure Risk Management) you will be part of the Information Security Team focusing on identifying, managing, and reporting Information Security Risks in Melco

PRIMARY RESPONSIBILITIES:

  • Lead the security assessment on the new corporate initiatives including the architecture design, data / privacy protection, compliance framework etc to identify potential risks and ensure compensation controls are put in place
  • Liaise and facilitate with business units, IT Engagement, PMO and other Information Security function teams to ensure the company security best practice is applied and identify any residual risk throughout the project life cycle
  • Ensure deployed technologies are complying to relevant compliance and regulation requirements
  • Prepare the Security clearance sign-off report/review on new systems prior to live implementation
  • Evaluate the current organization security posture with the latest industrial security trend / technology to identify enhancement opportunities and provide effective recommunication to management team
  • Conduct risk review and analysis on Change/Service Request in ticketing system to identify potential risks
  • Coordination on the evaluation, deployment, and management of current and future information security technologies
  • Participate in regular review and utilize the Security framework (e.g. ISO 27001, NIST) to develop the security standard and guideline as the company control framework
  • Support periodic Security documents updates to identify and address the latest trends and risks discovered
  • Remain informed on current standards, trends, and issues in the information security industry
  • Support annual internal/external audit activities
  • Gather threat intelligence information from different sources and inform relevant parties to mitigate risks affecting the systems in use

QUALIFICATIONS:

Experience

  • Minimum 5 years relevant experience in Information Security, experience with Security Risk Assessments is highly desired
  • Good understanding of emerging technologies and associated risks on CyberSecurity, Cloud Security, etc.
  • Strong technical knowledge to conduct security assessment and risk control on different technology domains, such as on premise, network security, SaaS, and Private cloud platforms
  • Knowledge of application security vulnerabilities, e.g. vulnerabilities in OWASP Top 10
  • Strong knowledge of various security platforms used for risk control such as IAM, PAM, SIEM, WAF, EDR, DLP email security, etc is highly desirable
  • Familiar with security industry frameworks e.g. CIS, NIST, PCI-DSS, ISO 27001 / 27701 / 27018

Education

  • Bachelor’s degree in Management Information System, Computer Science, or related disciplines
  • An information security or other similar technical certification such as Certified in Risk and Information Systems Control (CRISC, Certified Information Systems Auditor (CISA) and Certified Information Systems Security Professional (CISSP) is highly desirable

Skills / Competencies 

  • Fluent in of written and spoken English. Fluency in Cantonese will also be an advantage
  • Proven excellence in researching, organizing, writing, and presenting technical information via report writing and presentation (PowerPoint)
  • Capacity to work independently and in a team environment, with proven leadership ability and project management skills
  • Ability to multi-task and have solid project management skills.
  • Ability to understand the relationship between business processes, priorities, risk and their underlying technologies and security risks
  • Ability to keep pace with a fast pace and growing company
  • Strong analytical and inter-personal skills to communicate technical information to non-technical background users

PERSONAL COMPETENCIES:

  • Displays a high commitment to delivering results
  • Leads others to achieve business objectives
  • Communicates effectively
  • Achieves agreed objectives and accepts accountability for results
  • Ability to maintain discretion
  • Self-motivated
  • Approachable

Read Full Description

Apply
To help us track our recruitment effort, please indicate in your cover/motivation letter where (jobs-near-me.org) you saw this job posting.

Job Location