Informationsecurity risk monitor and mitigation, including:

·Regularly notifying the bank of critical security information if needed.

·Conducting periodic vulnerability scans and assisting in correspondinghardening.

·Maintaining the SIEM system andperforming log correlation and analysis on a regular basis.

·Analyzing security alerts generated by avariety of security systems in a real-time manner, and responding the SecurityIncident as needed.

·Periodically reviewing security logs generated by such security productsas NIPS and NIDS upon the bank’s regulations.

·Analyzing penetration test results before proposing and implementingremedial solutions.

·Reviewing the configurations of AIX servers, network devices, andfirewalls regularly upon the bank’s security requirements.

·Annually performing Risk Assessment in accordance with NIST SP800-39 andISO27005.

·Executing security system routine inspection daily.

·IS Infrastructure Maintenance and Backup

·Assisting in Vendor Cybersecurity Risk Assessment annually.

·Providing security awareness training tothe bank staff when needed.

·Providing security reports periodically.

Requirements

Three(3) to four (4) years’ experience with Information Security Management System(ISO27001)

Three(3) to four (4) years’ experience with multiple security systems, including butare not limited to Firewall, IDS/IPS, antivirus, antivirus, Anti-SPAM, SIEM,DLP, Sandbox, Encryption Endpoint as well as Web Security Gateway.

Three(3) to four (4) years’ experience with Penetration Test, Vulnerability Scan,Configuration Review and Risk Assessment.

Experiencewith Information Security Monitoring and Incident Response

Experiencewith Network Maintenance

Experiencewith PC servers and Unix platform administration and maintenance

Experiencewith such various databases as MS SQL Server, Oracle, and MySQL

Experience with Application Development (mastering oneor two coding languages such as C/Java/Python/Perl/Powershell).

Chinese Language proficiency skills preferred,but notmandatory.