IT Security Operations Analyst
Role Introduction
Reports To: IT Security Operations Senior Lead
This role is part of the Information Technology Department, committed to delivering peace of mind and building trust through world-class cybersecurity operations.
As the IT Security Operations Analyst, you will uphold the highest standards in protecting digital assets and responding to security threats.
You will provide proactive monitoring, incident investigation, and threat response across various digital platforms to ensure a secure and resilient technology environment. You will help interpret risks, recommend solutions, and support secure business operations.
With your passion for cybersecurity and strong analytical mindset, you will be placed in one of three specialist teams—Threat Monitoring, Vulnerability Management, or Security Engineering—where you will grow into a multi-skilled professional through a structured career development plan.
Key Responsibilities
- Executing all IT security operations solutions administration and operations work, such as endpoint security, network security, privileged access management solution, cloud security monitoring, and software-as-a-service security solutions
- Reviewing and approving different IT security requests
- Maintaining good hygiene on IT security footprint within company’s technology network
- Applying basic knowledge to perform threat hunting process to respond to emerging threat landscape
- Working with different business units and extended technology teams to overcome various IT security challenges
- Collaborating with third-party vendors providing services to support incident response
- Coordinating with external security operation services, such as managed defense model and offshore engineering service
- Participating in incident investigation and forensic work
- Supporting audit functions including evidence collection and updates, and implementing suggested controls
- Assisting others in educating security events and implications, and developing documentation to support the incident response process
Requirements
- Bachelor Degree in Information Technology, Computer Science, Computer Engineering, or Cyber Security or equivalent
- 6 years’ IT experience, and 3 years relevant IT security experiences is preferred
- CISSP, CISM, CRISC, ISO 27001 lead auditor or relevant experience preferred.
- IT security incident investigation and relevant forensic knowledge
- Strong knowledge on compliance framework i.e. ISO 27001, PCIDSS
- Strong team development and coaching skills
- Self-motivation, willing to keep update to market standards and technology
Personal & Application Information
Cathay Pacific is an Equal Opportunities Employer. Personal data provided by job applicants will be used strictly in accordance with our Applicant Personal Information Collection Statement and for recruitment purposes only. Candidates not notified within eight weeks may consider their application unsuccessful. We keep records of your data for no longer than is necessary for the purpose for which we obtained them and any other permitted linked purposes. If your application is unsuccessful, we will keep your details on file for as long as is necessary to process your application or for the purposes of further job opportunities if you agree to such longer periods.
