Assistant Manager - Cybersecurity

Key Responsibilities:

• Lead full-cycle incident response: investigate, contain, eradicate, recover, and conduct post-mortems.
• Build and refine playbooks, runbooks, and standard operating procedures for streamlined, repeatable responses.
• Hunt threats using intelligence, anomalies, and emerging risks to stay ahead of attackers.
• Shape security frameworks, policies, and standards aligned with ISO 27001 and industry best practices.
• Manage daily operations: accounts, certificates, logs, vulnerability scans, penetration tests, and control implementation for projects.

Qualifications and Experience:

• Bachelor's degree in Computer Science, Information Technology, or related field.
• 5 or more years of cybersecurity experience, including 2 or more years in incident response.
• Certifications such as CISA, CISM, CISSP, CISP, or equivalent are highly desirable.; Splunk Enterprise Security certification is a plus.
• Hands-on experience with Security Operations Center workflows and incident handling.
• Experience with SIEM (Splunk, Microsoft Sentinel, QRadar) and EDR tools (CrowdStrike, SentinelOne, Microsoft Defender, Sangfor).
• Knowledge of networks, OS(Windows, Linux, macOS), malware analysis, and cloud security (Amazon Web Services, Microsoft Azure, Alibaba Cloud, Huawei Cloud).
• Strong organizational skills with fluency in written and spoken English and Chinese.