Technical Manager (Information Security Incident Response)

Technical Manager (Information Security Incident Response)

Job Title: Technical Manager (Information Security Incident Response)
Contract Type: Perm
Location: Hong Kong
Reference: 1869
Contact Name: Jackie Vargas
Job Published: June 03, 2021 17:53

Job Description

Job Scope:

  • Deliver advanced analysis and recommend remediation steps for cyber security events and incidents.
  • Updates process document to address contemporary gaps observed from new cyber scenarios.
  • Lead investigations on security incidents to minimalize the risks to an acceptable level.
  • Perform root cause analysis and recommend necessary actions to be taken.
  • Support Senior Manager in analysing business needs in the information security area and recommend and give opinions on technical security implementations and solutions to several levels within the club.
  • Advise IS security engineering team in detection gaps and any observation in security control gaps coverage to IS Operation team.
  • Lead the team to coordinate with Data Centre OPS team, Betting Incident Management team.
  • Manage and verify security-related alerts
  • Manage the coordination on the remediation of security issues during incidents.
  • Manage the incident response process.
  • Participate and contribute positively to create a diverse and inclusive culture with trust and respect. Play an active role to support cross team/division/department efforts and model collaborative behaviours



  • University degree qualification with strong technical background, particularly in Information Technology, cybersecurity, application development and/or networking.
  • Familiar with NIST “Computer Security Incident Handling Guide”.
  • Worked with Incident management system and SIEM.
  • Sound working knowledge of information technology and Security industry trends and issues.
  • Experience with OWSAP top10 and DDOS attack techniques and protection.
  • Experience with cybersecurity including offense and defence, and vulnerability protection.
  • Experience with one or more public cloud security products.
  • Experience with TCP/IP principles.
  • Strong experience with Windows and Linux related to security.
  • Able to communicate effectively with across each Lines of Business to champion and motivate for change to their respective security cultures.
  • Able to manage execution of action plans for ensuring the safety and security of all information system assets.
  • Knowledge of a broad range of cyber security topics e.g. governance, identity and access management, supply chain risks, security operations, incident management etc.
  • Knowledge of AWS, Google Cloud.
  • Ability to read and understand packet level data Intrusion detection and prevention and Network Security Products (IDS/IPS, firewalls, etc.) Host Security Products (HIPS, AV, scanners, etc.).
  • Have experience on Vulnerability assessment as well as penetration testing or forensic analysis fields are an advantage.