Position: IT Security Assistant Manager
Department: Information Technology Department
Contract Type: 1 Year Fixed term (Replacement for Maternity Leave)
Starting Date: 1st of March 2026
Job Purpose
As cyber security threats continue to evolve and regulatory requirements become increasingly complex, the IT Security function is strengthening its capabilities in vulnerability management, security monitoring, and threat detection.
The IT Security Assistant Manager will play a key role in supporting daily IT security and cybersecurity operations across BOC Europe entities (hereafter “the Bank”), with a particular focus on vulnerability lifecycle management, monitoring alert follow-up, and security event handling, thereby enhancing the overall cyber resilience of the Bank.
Main Responsibilities
1. Vulnerability Management
- Manage and follow up the full life cycle of vulnerabilities across the Bank, including identification, assessment, remediation tracking, validation, and closure.
- Coordinate with Head Office in China and local IT teams to perform threat and vulnerability assessment, to ensure timely remediation of identified vulnerabilities.
- Support targeted vulnerability analysis and risk-based prioritization.
2. Monitoring & Alert Management
- Follow up on alerts generated by the local IT operations monitoring platform, ensuring proper investigation, escalation, and closure.
- Coordinate with local IT teams to track resolution progress and ensure root causes are addressed.
3. Security Event & Threat Handling
- Monitor and analyze alerts and security events from the SIEM and threat detection platforms.
- Support security incident handling processes, including initial analysis, evidence collection, and coordination during incident response.
- Assist in identifying emerging threats and abnormal activities affecting the IT environment.
4. Operational & Governance Support
- Maintain accurate records related to vulnerabilities, alerts, and security events.
- Support cybersecurity-related reporting, KRI tracking, and documentation.
- Assist and coordinate on IT and cybersecurity awareness or training activities.
5. Documentation & Administration
- Support document management activities, including organizing, maintaining, and archiving security-related technical documentation.
- Provide support in daily operational and administrative tasks of the IT Security function.
Qualifications
Technical Skills & Qualifications
- Bachelor’s degree or above in Computer Science, Information Security, Cybersecurity, or a related field.
- At least 3 years of working experience in IT security, cybersecurity operations, or a related role.
- Hands-on experience with vulnerability management platforms (experience with Tenable is considered a strong advantage).
- Experience in the daily operation or use of IT monitoring platforms (experience with SolarWinds is considered a strong advantage).
- Solid understanding of cybersecurity threats, including common attack techniques, vulnerabilities, malware, phishing, and lateral movement.
- Good knowledge of networks and operating systems.
- Familiarity with SIEM platforms and security event analysis is preferred.
- Good command of English, with the ability to communicate effectively in listening, speaking, reading, and writing.
Soft Skills & Attributes
- Strong analytical skills and attention to detail.
- Ability to follow up multiple tasks under pressure and meet deadlines
- Good communication skills, both written and verbal.
- Strong sense of responsibility and ability to work independently as well as in a team environment.
