Puyi Optical Limited Hiring! Full Time IT Security Analyst in Kowloon Peninsula, Hong Kong - Ricebowl

Job Summary

The IT Security Analyst supports and improves the organization's information security across infrastructure, cloud platforms, applications, and end-user environments. This role focuses on daily security operations, incident handling, and user security awareness, ensuring compliance with group IT security standards.

Key Responsibilities:

Security Operations & Monitoring

• Monitor and handle security alerts from endpoint, email, network, and cloud security systems.

• Investigate security incidents, identify root causes, and assist with remediation.

• Support vulnerability scanning, tracking, and remediation follow-up.

• Assist with endpoint and server patch management, monitor patch compliance and assist with remediation of high-risk vulnerabilities.
  

Policy, Governance & Compliance

• Support the implementation and maintenance of IT security policies, standards, and guidelines.

• Assist with security risk assessments for systems, applications, and third-party vendors.

• Support compliance with internal policies and external standards such as ISO 27001.

• Maintain security documentation, risk registers, and audit records.
  

Cloud & Platform Security

• Support security controls for Microsoft 365, Azure, and other cloud services.

• Assist with identity and access management (Entra ID / Azure AD), including MFA and conditional access.

• Review configurations related to data protection, logging, and access control.
  

Endpoint, Email & User Security

• Support endpoint protection, device compliance, and security hardening.

• Assist with email security, phishing analysis, and user-reported incidents.

• Support security awareness training and user education initiatives.
  

Project & Continuous Improvement

• Participate in IT and security projects, including new system rollouts and AI tool assessments.

• Work with vendors and service providers on security-related matters.

• Continuously review and improve security controls and processes.

Requirements:

• Bachelor’s degree in IT, Computer Science, Cybersecurity, or a related discipline.

• 2–5 years of experience in IT security, cybersecurity operations, or a related support role.

• Good knowledge of common security threats such as phishing, malware, ransomware, account compromise, and social engineering.

• Familiarity with Microsoft 365 security features, cloud security (AWS or Alibaba Cloud is an advantage), EDR (Sophos Central), email security (Check Point / MS Defender), firewalls, and basic log analysis.

• Understanding incident response and vulnerability management principles.

• Experience supporting security awareness training or phishing simulations is an advantage.

• Good communication skills in English, Mandarin, and Cantonese.

• Able to work independently, prioritize tasks, and handle incidents under pressure.

Interested parties, please send your detailed resume with expected salary by clicking 'Apply Now'.

For more information about us, please visit our website at *************

Data collected will be used for recruitment purpose only.