
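IT Security Management and Operations Analyst - Security

Technology
Cathay Pacific
Shenzhen - Nanshan District, China · 1 month ago · Until 2026/6/19
Full-time

Job Description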

Issued by: Cathay Pacific (Shenzhen) Information Technology Management Limited 国泰(深圳)信息科技管理有限公司
*A wholly owned subsidiary of Cathay Pacific Airways

IT Security Operations Analyst (Chinese title: IT Security Management and Operations Analyst)

Location: Shenzhen

Role Introduction: This role serves as a technical Subject Matter Expert (SME) within Security Operations, responsible for supporting day-to-day security operations while driving improvements in security automation, detection engineering, and platform enablement. The position bridges SecOps BAU operations, managed security service coordination, and security initiatives/projects, with a strong focus on AI-assisted operations, automation reliability, and detection quality. The role acts as a technical contributor to both operational execution and continuous improvement, supporting incident response, detection effectiveness, and the ongoing maturity of the organisation’s security operations capabilities.

Key Responsibilities:

1. Security Operations & Incident Response:

  • Execute and support day-to-day IT security operations, including administration and operational support across:
      a) Endpoint Security
      b) Network Security
      c) Data Loss Prevention (DLP)
      d) Email Security
      e) Web Application Firewall (WAF)
      f) Certificate Management
      g) Privileged Access Management (PAM)
  • Perform security alert triage by validating severity, eliminating false positives, identifying impact, and determining appropriate response actions.

  • Investigate suspicious activities and execute containment and remediation actions in accordance with approved playbooks and SOPs.
  • Participate in incident investigation and forensic activities, supporting root cause analysis, evidence collection, and post-incident follow-up activities.
  • Maintain and continuously improve SOPs and runbooks, and contribute to operational automation where possible.
  • Review, assess, and approve IT security requests, ensuring alignment with security policies and standards.
  • Support audit and compliance activities, ensuring operational practices align with ISO/IEC 27001 requirements.
  • Ensure incident handling and operational activities remain audit-ready and well-documented.
  • Contribute to continuous improvement initiatives to enhance detection capability, response efficiency, and overall security posture.
  • Work closely with business units and extended IT teams to address security issues and overcome operational challenges.
  • Participate in a 24×7 on-call rotation, providing technical and incident escalation support for detection and security platform-related issues.

2. E&A

  • Emergency and Accident and Crisis Response responsibilities as required

Qualifications/Experience:

  • Minimum 6 years of overall IT experience, with at least 4 years of relevant IT security experience.
  • Solid experience in IT security incident investigation, including relevant forensic analysis knowledge.
  • Strong understanding of information security and compliance frameworks, such as ISO/IEC 27001 and PCI DSS.
  • Professional certifications such as CISSP, CISM, CRISC, ISO/IEC 27001 Lead Auditor, or equivalent experience, are preferred.
  • Self-motivated and proactive, with a strong willingness to stay current with industry standards, emerging threats, and security technologies.
  • Bachelor’s degree in Information Technology, Computer Science, Computer Engineering, Cyber Security, or an equivalent discipline.

Notes: All Chinese mainland based positions are subject to local terms and conditions.

Keywords
5-10 years, Netpbm, Waf, Firewall
