通訊事務管理局辦公室
助理資訊科技經理(系統保安及審核)
Assistant Information Technology Manager (Security & Audit)
月薪港幣45,100元至港幣49,600元
職責
助理資訊科技經理(系統保安及審核)將主要負責–
(a) 擔任與資訊科技保安事宜有關的技術主管,並與各級資訊科技人員合作,完成獲指派的工作;
(b) 更新資訊科技保安的最佳做法、規例、政策和指引,並確保該等最佳做法、規例、政策和指引獲得遵從;
(c) 為資訊科技系統進行定期保安掃描和演習、每兩年安排一次獨立保安評估和審計,以及適時推行保安措施和處理保安事故;
(d) 協助推行、保養和管理保安和網絡設施;
(e) 定期安排保安管理會議、就資訊科技保安事宜與外界機構聯絡,以及制訂與保安事宜有關的文件;
(f) 向用戶提供資訊科技支援、諮詢服務和培訓;以及
(g) 處理各類行政工作和其他與資訊科技有關的職務。
Assistant Information Technology Managers (Security & Audit) will be mainly responsible for –
(a) serving as the technical lead on matters of IT security and collaborating with all levels of IT staff to complete jobs assigned;
(b) enforcing the updating and compliance with the best practices, regulations, policies and guidelines on IT security;
(c) performing regular security scanning and drills of IT systems, arranging biennial independent security assessment and audit, and enforcing timely completion of security safeguards and handling of security incidents;
(d) assisting in implementation, maintenance and administration of security-related and network facilities;
(e) arranging regular security management meeting, liaising with external parties in respect of IT security, and documenting security related matters;
(f) providing IT support, advisory and training to users; and
(g) handling various administrative tasks and other IT-related duties.
入職條件
(a) 申請人須-
(i) 持有香港任何一所大學頒授的電腦科學、資訊科技或相關學科的學士學位,或具同等學歷;
(ii) 符合語文能力要求,即在香港中學文憑考試或香港中學會考中國語文科和英國語文科考獲第2級[(註1)]或以上成績,或具同等成績;
(iii) 持有Certified Information Systems Security Professional(CISSP)及/或Certified Information Systems Auditor(CISA)的有效證書,或具同等資格;
(iv) 在取得有關學歷後具備至少五年與資訊科技有關的全職工作經驗,其中兩年必須擔任類似職位和負責相若職責;以及
(v) 具備至少四年為香港特別行政區政府或其他大型機構(如超超過300名員工)負責資訊科技保安管理的實際全職工作經驗(風險評估和審計、保安文件檢討、保安訓練、推行保安系統和保安措施等)。
(b) 申請人須對資訊科技基本設施、應用系統發展、系統支援和項目管理有認識及經驗。
(c) 申請人須以客為先,能在壓力下工作,並願意應要求在辦公時間之後逾時工作,以及間中候命工作。
(d) 持有以下證書或具同等資格者佔優-
• Projects in Controlled Environments、version 2(PRINCE2) Professional
• Project Management Professional(PMP)
• Certified Information System Manager(CISM)
• Cisco Certified Network Associate/Professional(CCNA/ CCNP)
• Microsoft Certified Professional/Solutions Associate of Windows Server
• Linux/Unix 證書(如RHCSA/RHCE/LPIC-1/2)
(e) 對使用以下技術/產品具備經驗者佔優–
MS Windows 操作系統(Windows 7/10、Windows Server 200/2012)、Unix/Linux操作系統(Solaris、HP-UX、Red Hat、Ubuntu、SUSE、Oracle)、Apple iOS、網絡設備/技術(Cisco路由器/網絡交換器、負載均衡器、WiFi、IPv6、VPN)、保安系統/技術(防火牆、IPS、WAF、PKI、抗惡意程式碼軟件、防垃圾郵件、端點保安、流動裝置管理系統、內容分發網絡)、系統認證、管理和監察工具(LDAP、WSUS、PRTG)、與網絡相關的技術(IIS、Apache、Tomcat、HTML、Javascript、Java)、數據庫管理系統(Oracle、MySQL、MS SQL Server、MS Access)、IBM Notes 和Domino、IP-PBX 系統
(a) Candidates should have –
(i) a bachelor’s degree in Computer Science, Information Technology (IT) or related discipline from a Hong Kong university, or equivalent;
(ii) met the language proficiency requirements of ‘Level 2’ [Note (1)] or above results in Chinese Language and English Language in the Hong Kong Diploma of Secondary Education Examination (HKDSEE) or the Hong Kong Certificate of Education Examination (HKCEE), or equivalent;
(iii) valid certificates of Certified Information Systems Security Professional (CISSP) and/or Certified Information Systems Auditor (CISA), or equivalent;
(iv) at least 5 years’ relevant post-qualification full-time IT working experience, of which 2 years must be in a similar post and in a comparable capacity; and
(v) at least 4 years’ full-time hands-on experience in IT security management (risk assessment and audit, security document review, security training, implementation of security systems and safeguards, etc.) for the HKSAR Government or other sizable organisations (e.g. with more than 300 employees).
(b) Candidates should have knowledge and experience in IT infrastructure, application development, system support and project management.
(c) Candidates should be customer-oriented, able to perform under pressure, willing to work after office hours and occasionally working on an on-call basis as required.
(d) Candidates who are holders of the following certificates or equivalent will be advantageous –
• Projects in Controlled Environments, version 2 (PRINCE2) Professional
• Project Management Professional (PMP)
• Certified Information System Manager (CISM)
• Cisco Certified Network Associate/Professional (CCNA/CCNP)
• Microsoft Certified Professional/Solutions Associate of Windows Server
• Linux/Unix Certifications (e.g. RHCSA/RHCE/LPIC-1/2)
(e) Candidates who have experience in using the following technologies/products will be advantageous –
MS Windows operating systems (Windows 7/10, Windows Server 2008/2012), Unix/Linux operating systems (Solaris, HP-UX, Red Hat, Ubuntu, SUSE, Oracle), Apple iOS, Network equipment/technologies (Cisco routers/switches, load balancer, WiFi, IPv6, VPN), Security systems/technologies (firewall, IPS, WAF, PKI, anti-malware, anti-spam, end-point security, mobile device management system, content delivery network), System authentication, management and monitoring tools (LDAP, WSUS, PRTG), Web-related technologies (IIS, Apache, Tomcat, HTML, Javascript, Java), Database management systems (Oracle, MySQL, MS SQL Server, MS Access), IBM Notes and Domino, IP-PBX systems
入職條件(註)
(1) 政府在聘任非公務員員工時,2007年前的香港中學會考中國語文科和英國語文科(課程乙)C級及E級成績,在行政上會分別被視為等同2007年或之後香港中學會考中國語文科和英國語文科第3級和第2級成績。
(2) 獲篩選的申請人須參加筆試。