Information Security Analyst

Role:

• MANDARIN SPEAKING IS REQUIRED FOR THIS ROLE 
• Manage and implement the Branch information security operations.

• Development relevant information security operation areas assessment based on the local and head office information security policy and procedure.

• Liaise closely with head office to ensure maximum co-operation concerning the Branch s IT and information security management, implementation and support.

• Be responsible for the information security system implementation, maintenance and management, provide information security operation system updates and analysis.

• Implement Information security related projects, provide feedback

• Be responsible to cooperate with the HO, second defense line, third defense line on the information security area.

• Be responsible for the IT Disaster Recovery, daily rehearsal and BCP recovery test.

• Oversight the IT system threat prevention, threat detection and an incident response strategy, leading the IT incident investigations and managing the response for the IT incident.

• Develop control program that proactively identifies threats to the Branch and guides the acquisition of advanced security controls.

• Lead and coordinate, internally and externally, responses to IT security incidents, providing timely reports during the incident and remediation as well as proposing solutions to anticipate, prevent, or mitigate future incidents.

• String Knowledge of information security best practices, standards, and frameworks, such as ISO/IEC27000, NIST 800-53, FFIEC, and NYSDFS Part 500

• Write technical documents and testing reports. Provide support for the internal and external audit and exam.

• Be responsible for demonstrating risk awareness by following all policies,procedures, and internal control in their daily routine.

• Knowledge of technical infrastructure, networks, databases, and systems in relation to Information Technology Security and Risk Management

• Network Operations knowledge firewalls, protocols, etc.

• Independent worker, accountable and skilled in exercising sound judgement, planning, organizational skills.

• Knowledge of Information Security applications and proficiency in specific knowledge applications