Cyber Security Analyst | HK Talent Engage

Job description

About Mox
Mox is built by and for the ones who aspire to live life to the fullest - we call them Generation Mox!
The name Mox reflects the endless opportunities we can create, - Mobile eXperience; Money eXperience; Money X (multiplier), eXponential growth, eXploration... it's all up for us to define together.
Why Mox
Mox helps you grow - your money, your world, your possibilities. We equip you with the financial management tools, information and insights you need to make your dreams, big or small, come true.
Everything at Mox - from our products, features, to rewards - is designed based on customer research, tailor made for your needs. We care about what customers care about, especially in data security and privacy. Data ethics is core to everyone here at Mox.
Mox rewards you with an array of banking and lifestyle benefits. Who says banking can't be fun?
Who are we looking for

Mox Bank in Hong Kong is a Virtual Bank, offering a range of products to customers through our App to bring a new banking experience. Our job as the Cyber Security team is to ensure the Bank is Safe, Sound and Secure for our Customers.
A unique opportunity has opened for a Cyber Security Analyst that has specialist expertise in Data Security and Data Loss Prevention (DLP) management to maintain a strong data security posture within Mox Bank as part of a high-performing Cyber Security team. The diverse range of hands-on experience in this role is a rare opportunity. You will be required to follow established processes, enhance technology controls, and build new processes that will enhance data security practices, provide front-line services to business stakeholders to enhance our cyber security posture.

Responsibilities

Core activities

• Support the ongoing enhancement and execution of processes and tools to support cyber security and data security objectives.
• Monitor DLP alerts generated and interact with DLP technologies to triage, investigate, manage and resolve DLP events, following defined processes and procedures.
• Perform monitoring and initial triage of threats associated with data security.
• Collaborate with the Operations team, Compliance team, SecOps and the Privacy Officer on investigations.
• Prioritise DLP events and incidents according to criticality for timely response.
• Provide support for investigations of any data incidents, including third party data security breaches.
• Assist in relevant KPI metrics reporting, audit, and other ad hoc requests as required, with guidance from the Security Operations Lead.
• Demonstrate and guide the organisation on the handling of sensitive information in accordance with the Mox Policies and Standards.
• Maintain documentation on procedures, incidents, exemptions and technical changes by providing feedback and user input.

Special Projects

• Support the implementation of the solutions with additional cloud services.
• Participate in incident response activities and post-event reviews of data security incidents including that may also include supporting the lead on management of 3 rd or 4 th party data security incidents.
• Advise on DLP enhancements across a range of security solutions to support outcomes of risk assessments associated with sensitive data and data security.
• Analyse quality reviews of current solutions and provide technical guidance and DLP policies to improve overall security.

Provision of Technical Support

• Provide technical expertise on DLP tooling and give recommendations to improve overall effectiveness of solution designs.
• Foresee data leakage risks to establish and further uplift refined use cases and resolve gaps with other team members.
• Keep updated on technical developments and apply knowledge on the job.
• Support the development and testing of new DLP policies and rule sets.
• Support the development and maintenance of technical documentation relating to DLP configuration.

Requirements

You should be able to demonstrate:

• A positive attitude and an eagerness to learn new technology in cloud data security.
• A critical thinker, with strong problem-solving skills, analytical skills with an ability to enhance or automate processes.
• A strategic thinker, the ability to take and drive initiatives to enhance DLP across technologies and design.
• The ability to see opportunities to improve, break them into logical pieces of work and follow them through to execution at a technical level.
• Hands-on experience designing and implementing data loss prevention technologies.
• The ability to manage multiple projects under strict timelines.
• Strong understanding of Data Breach Incident Management practices.
• Excellent communication skills to explain complex technical scenarios, cyber security specific threats, and related mitigating controls into a language that stakeholders at all levels can understand.
• Self-driven attitude, with the ability to take ownership of tasks, clarify task objectives, prioritize your own work, and maintain focus on delivery.
• Collaborative approach to working with others and a passionate champion of Cyber Security, Data Security and Privacy throughout the business.
• Active interest in furthering your own knowledge and skills in Cyber Security, including industry involvement in organizations.

Your experience is ideally supported by the following:

• You will have a technical background with at least 3-5 years of industry experience including hands-on involvement with cloud data security tooling, security event triage and investigation.
• Successful completion of industry exams such as SANS/ISC2/ISACA or with a target to become certified with appropriate experience targets met.