Cyber Security Analyst

Location:HKG preferred, however flexibility within OSEA region. 

Overview

Join Menzies Aviation’s Global Cyber Security Team. Menzies Aviation is an independent, time-critical logistics specialist serving the airline industry. At more than 300 locations in 65 countries.

Working as part of, and supported by, a global team, based in UK, Kuwait and the US you will be aligned to, and provide support to the regional IT team.

Daily this will involve spending time reviewing and responding to security tickets and alerts primarily raised by our SOC. This may involve investigating using SIEM and EDR tools to understand and resolve the issue.

Weekly, you will be involved in understanding and planning the remediation of any high and critical vulnerabilities identified in the region via tools such as Tenable and Managed Engine.

Monthly you will support the implementation of projects in the region, risk assessing projects and changes at the earliest opportunity to assist with the design and implementation of the relevant security controls.

Meeting monthly with the regional IT teams you will drive and design to:

·         Understand what projects and changes are happening in the region.

·         Understand any challenges or security issues.

·         Review any relevant security incidents

·         Update the team on any Policy or Compliance changes

·         Update on any emerging risks, threat intelligence

·         Provide awareness and if required training to mitigate cyber threats

·         Review and update the IT risk register as required

·         Any other Business.

Through your interactions with the wider team, you will quickly work out who the key stakeholders are, build a network to ensure you are informed about what is going on and have the confidence to intervene or advise to ensure the cyber security objectives of Menzies Aviation are maintained.

Support, coaching and training can be provided to manage the technical elements of this role. What we really value is someone who is willing to step out of their comfort zone to learn and achieve, demonstrates and positive attitude and will tackle the challenges with energy.

Qualifications and Experience 

• Education: A degree in IT or cybersecurity is preferred
• Professional Certifications Relevant certifications such as CISSP, CISM, CISA, CEH, or others are highly valued.
• Ability to manage and support a security operations team.
• Ability to manage the performance of third-party service delivery partners.
• Ability to communicate effectively to a range of audiences.
• Undergraduate Degree in an IT or cyber security discipline, or equivalent experience and relevant qualifications.
• Knowledge of common information security management frameworks, such as International Standards Organization (ISO) 27001, the IT Infrastructure Library (ITIL), or the National Institute of Standards and Technology Cybersecurity Framework.
• Keep abreast of regulations affecting cybersecurity (e.g., GDPR) and ensure the company’s adherence to these and other relevant standards.
• Understanding of networks, systems, applications, and Cloud technologies.
• Familiarity with the principles of cryptography.
• Knowledge of security testing.
• Experience working and learning within a fast-moving, changeable environment with new technology/services/infrastructure/priorities and working practices (processes).
• Excellent organizational, planning, and administrative skills and a good eye for detail.
• Highly analytical with the ability to influence, challenge, and implement change.
• Experience in dealing with work of a confidential and sensitive nature.
• Proficient in English with secondary language of Cantonese preferred.