260 Cissp jobs in Hong Kong

Job Responsibilities:

• Responsible for managing information security and infrastructure systems to ensure the smooth operation of all enterprise systems and network
• Support day-to-day monitoring and control of information security program, systems, configuration, patching and backup
• Assist in conducting risk assessment and information security review of internal operations, vulnerability assessments and tests for enterprise continuous improvement
• Assist in developing and continuously improve the information security issues and resolve the audit findings
• Coordinate implementation and validation of information security controls
• Monitor and assess information security violations incidents and responses
• Troubleshooting and provide technical support for information security solutions
• Assist in preparing training materials to promote information security awareness across the enterprise
• Maintain up-to-date inventory on infrastructure equipment and software
• Perform other duties as assigned by the supervisors

Requirements:

• Degree holder in Information Technology, Computer Science or related disciplines
• Holder of CISSP, CISA, CCNA, MCSE or relevant certification preferred
• 2+ years relevant working experience on information security, infrastructure maintenance and technical support
• Experience in developing and implementing information security control process, hands-on working experience in Microsoft Windows Server, Linux, Networking, Firewall, Antivirus, VMware and System Hardening
• Knowledge of ISO27001 or Risk Management is a plus
• Positive, responsible, able to work independently and maintain confidentiality
• Fresh graduates and willing to learn will also be considered

Every day, Global Payments makes it possible for millions of people to move money between buyers and sellers using our payments solutions for credit, debit, prepaid and merchant services. Our worldwide team helps over 3 million companies, more than 1,300 financial institutions and over 600 million cardholders grow with confidence and achieve amazing results. We are driven by our passion for success and we are proud to deliver best-in-class payment technology and software solutions. Join our dynamic team and make your mark on the payments technology landscape of tomorrow.

Develops, configures, documents, and maintains information security solutions. Installs and configures web proxies, intrusion detection systems, endpoint monitoring software, and vulnerability scanning systems. Ensures that threats and vulnerabilities to the organization's business systems and applications (both in-house and cloud-based) are minimized. Manages encryption protocols to protect the organization's data as well as management of authentication and access controls. Evaluates information security configurations when intrusions have occurred and monitors the effectiveness of implemented changes. Monitors overall compliance with security standards and conducts periodic security reviews.

• Works with others in the delivery of secure solutions and/or secure remediation solutions. Supports delivery through focusing on tasks with basic to moderate complexity.
• Works with others to install tools that specifically secure each level within security frame work. Supports delivery through focusing on tasks with basic to moderate complexity.
• Develops awareness of new security technologies and trends while also helping to validate corporate conformance to industry standards utilizing set analysis criteria.
• Provides support for investigating intrusion incidents, conduct forensic investigations and helps others who provide incident responses.

Minimum Qualifications

• Bachelor's Degree
• Relevant Experience or Degree in: in Information Security or Computer Science preferred. Other majors will be considered.
• Typically No Related Experience Required
• Although experience is not required for this position, four years related experience may be considered in lieu of a degree.

Preferred Qualifications

• None Identified

• Skills / Knowledge - Learns to use professional concepts. Applies company policies and procedures to resolve routine issues.
• Job Complexity - Works on problems of limited scope. Follows standard practices and procedures in analyzing situations or data from which answers can be readily obtained. Builds stable working relationships internally.
• Supervision - Normally receives detailed instructions on all work.
• Network Engineering - Is aware of TCP/IP network connectivity, subnet segmentation, security zones, secure ports/protocols, network authentication/authorization, security tools and their applicability (WAF, IPS, Sandbox, etc.).
• Vulnerability testing, risk analyses and security assessments - Knowledge of vulnerability testing, risk analyses and security assessments
• Technical industry acumen - Knowledge of Industry regulatory audit requirements and solutions and Authentication, authorization, and encryption solutions

Global Payments Inc. is an equal opportunity employer. Global Payments provides equal employment opportunities to all employees and applicants for employment without regard to race, color, religion, sex (including pregnancy), national origin, ancestry, age, marital status, sexual orientation, gender identity or expression, disability, veteran status, genetic information or any other basis protected by law. If you wish to request reasonable accommodations related to applying for employment or provide feedback about the accessibility of this website, please contact

Summary
Description
Summary of This Role
Develops, configures, documents, and maintains information security solutions. Installs and configures web proxies, intrusion detection systems, endpoint monitoring software, and vulnerability scanning systems. Ensures that threats and vulnerabilities to the organization's business systems and applications (both in-house and cloud-based) are minimized. Manages encryption protocols to protect the organization's data as well as management of authentication and access controls. Evaluates information security configurations when intrusions have occurred and monitors the effectiveness of implemented changes. Monitors overall compliance with security standards and conducts periodic security reviews.

What Part Will You Play?

• Works with others in the delivery of secure solutions and/or secure remediation solutions. Supports delivery through focusing on tasks with basic to moderate complexity.
• Works with others to install tools that specifically secure each level within security frame work. Supports delivery through focusing on tasks with basic to moderate complexity.
• Develops awareness of new security technologies and trends while also helping to validate corporate conformance to industry standards utilizing set analysis criteria.
• Provides support for investigating intrusion incidents, conduct forensic investigations and helps others who provide incident responses.

What Are We Looking For in This Role?
Minimum Qualifications

• Bachelor's Degree
• Relevant Experience or Degree in: in Information Security or Computer Science preferred. Other majors will be considered.
• Typically No Related Experience Required
• Although experience is not required for this position, four years related experience may be considered in lieu of a degree.

Preferred Qualifications

• None Identified

What Are Our Desired Skills and Capabilities?

• Skills / Knowledge - Learns to use professional concepts. Applies company policies and procedures to resolve routine issues.
• Job Complexity - Works on problems of limited scope. Follows standard practices and procedures in analyzing situations or data from which answers can be readily obtained. Builds stable working relationships internally.
• Supervision - Normally receives detailed instructions on all work.
• Network Engineering - Is aware of TCP/IP network connectivity, subnet segmentation, security zones, secure ports/protocols, network authentication/authorization, security tools and their applicability (WAF, IPS, Sandbox, etc.).
• Vulnerability testing, risk analyses and security assessments - Knowledge of vulnerability testing, risk analyses and security assessments
• Technical industry acumen - Knowledge of Industry regulatory audit requirements and solutions and Authentication, authorization, and encryption solutions

Job Responsibilities:

• Responsible for managing information security and infrastructure systems to ensure the smooth operation of all enterprise systems and network
• Support day-to-day monitoring and control of information security program, systems, configuration, patching and backup
• Assist in conducting risk assessment and information security review of internal operations, vulnerability assessments and tests for enterprise continuous improvement
• Assist in developing and continuously improve the information security issues and resolve the audit findings
• Coordinate implementation and validation of information security controls
• Monitor and assess information security violations incidents and responses
• Troubleshooting and provide technical support for information security solutions
• Assist in preparing training materials to promote information security awareness across the enterprise
• Maintain up-to-date inventory on infrastructure equipment and software
• Perform other duties as assigned by the supervisors

Requirements:

• Degree holder in Information Technology, Computer Science or related disciplines
• Holder of CISSP, CISA, CCNA, MCSE or relevant certification preferred
• 2+ years relevant working experience on information security, infrastructure maintenance and technical support
• Experience in developing and implementing information security control process, hands-on working experience in Microsoft Windows Server, Linux, Networking, Firewall, Antivirus, VMware and System Hardening
• Knowledge of ISO27001 or Risk Management is a plus
• Positive, responsible, able to work independently and maintain confidentiality
• Fresh graduates and willing to learn will also be considered

Our client is a well known company in HK and they are looking for a Information Security Engineer to cope with their business.

Responsibilities:

• ISO 27001 Compliance: Develop, implement, and maintain the Information Security Management System (ISMS) in accordance with ISO 27001 standards.
• Risk Assessment: Conduct regular risk assessments and audits to identify vulnerabilities, threats, and risks to the organization's information assets.
• Policy Development: Create and update security policies, procedures, and guidelines to ensure compliance with regulatory requirements and best practices.
• Incident Response: Manage and respond to security incidents, performing root cause analysis and implementing corrective actions to prevent recurrence.
• Training and Awareness: Develop and deliver training programs to promote security awareness among staff and ensure adherence to security protocols.

Requirements:

• Educational Background: Bachelor's degree in Information Technology, Cybersecurity, or a related field; relevant certifications (e.g., CISSP, CISA, CISM) are advantageous.
• Experience: Minimum of 3-5 years in information security roles with a focus on ISO 27001 compliance and security operations.
• Technical Skills: Proficiency in security frameworks, risk management practices, and incident response methodologies; familiarity with security tools and technologies.
• Analytical Skills: Strong analytical and problem-solving skills to assess security risks and develop effective mitigation strategies.
• Communication Skills: Excellent verbal and written communication skills for reporting security issues and training employees on security practices.

Interested parties, please kindly send your CV to , thanks

Please note that only short listed candidates will be notified. All information gathered will be treated in strict confidence and solely used for recruitment purposes

Company Introduction:
*We're home to Asia's most dynamic and vibrant capital markets.

Connecting capital, ideas, inspiration and innovation for deeper, more diverse and liquid global capital markets; providing greater choice and opportunity for our customers, each and every day.
HKEX is a purpose-driven company. Our commitment to the long-term development of our business and our markets is articulated in our purpose: "To Connect, Promote and Progress our Markets and the Communities they support for the prosperity of all."
Job Summary: *
The Information Security Engineer is part of HKEX Information Security function, playing a key role in enhancing the organization security posture. Incumbent is responsible for the design, build, operate and evolve the enterprise IT security solutions to address the organization's security requirements and engaging with key stakeholders to provide critical security services.

Job Duties:
Responsibilities

• Design, deploy, operate, and maintain enterprise security tools and technologies to protect HKEX's IT infrastructure. These include, but are not limited to, Webproxy, IPS, WAF, anti-DDOS platforms, browser isolation tools, and Data Leakage Protection systems.
• Perform daily operational tasks including managing URL whitelist, handling Data Leakage Protection rule exceptions, and updating policies on webproxy and browser isolation tools.
• On-board application systems to WAF and anti-DDOS platforms, monitor and maintain existing security tools to ensure continuous protection and compliance,, and fine-tuning policies.
• Engineer, implement and monitor security measures for the protection of computer systems, networks and information.
• Identify and define system security requirements.
• Design computer security architecture and develop detailed cyber security designs.
• Configure and troubleshoot security systems and infrastructure devices.
• Develop technical solutions and new security tools to help mitigate security vulnerabilities and automate repeatable tasks.
• Maintain all solution design documentation, processes, procedures and report on metrics to demonstrate effective and efficient management of services.
• Work with product vendors and suppliers to maintain and enhance existing security tooling and products.
• Ensure that the organization security tools can detect and help with the response to cyber security incidents.
• Document and validate disaster recovery testing for CyberSecurity tools.
• Write comprehensive reports including assessment-based findings, outcomes and propositions for further system security enhancements.
• Support in managing the Total Cost of Ownership (TCO) for security solutions which includes new investments and business-as-usual financials.

Requirements:

• Hands-on experience or academic exposure to security engineering or system administration.
• Experience in building, maintaining and operating security systems and platforms.
• Hands on experience in at least one of Webproxy, IPS, WAF and anti-DDOS security systems.
• Experience with network security and networking technologies and with system, security, and network monitoring tools.
• Keen on the latest security principles, techniques, and protocols (such as zero trust, etc).
• Must have strong information security technology knowledge/concepts and can effectively communicate with senior management and a broad range of technical/non-technical audiences.
• Strong written communication skills and verbal presentations to internal stakeholders.
• Must have a relevant University degree in Computer Science, Information Management, or related field, or equivalent experience.
• Familiarity with web related technologies (Web applications, Web Services, Service Oriented Architectures) and of network/web related protocols.
• Familiarity with application, database and operating system security.
• Familiarity with cloud security technologies (AWS or Huawei Cloud Stack (HCS) is preferred).
• Familiarity with risk / control frameworks, such as Mitre ATT&CK, D3FEND, OWASP, NIST Cybersecurity Framework.
• Familiarity in scripting (Python) or automation (Ansible) is an advantage.
• Previous experience in regulated environments is an added advantage
• Problem solving skills and ability to work under pressure.
• Candidate with less experience will be also considered.

HKEX is committed as an Equal Opportunity Employer. Diversity is one of our core values and we look to support, respect diverse perspectives, abilities, culture and experiences within our workplace.
Location:
HKEX - TKO

Shift:
Standard - 40 Hours (Hong Kong SAR)

Scheduled Weekly Hours:
40

Worker Type:
Contract

Develops, configures, documents, and maintains information security solutions. Installs and configures web proxies, intrusion detection systems, endpoint monitoring software, and vulnerability scanning systems. Ensures that threats and vulnerabilities to the organization's business systems and applications (both in-house and cloud-based) are minimized. Manages encryption protocols to protect the organization's data as well as management of authentication and access controls. Evaluates information security configurations when intrusions have occurred and monitors the effectiveness of implemented changes. Monitors overall compliance with security standards and conducts periodic security reviews.

• Works with others in the delivery of secure solutions and/or secure remediation solutions. Supports delivery through focusing on tasks with basic to moderate complexity.
• Works with others to install tools that specifically secure each level within security frame work. Supports delivery through focusing on tasks with basic to moderate complexity.
• Develops awareness of new security technologies and trends while also helping to validate corporate conformance to industry standards utilizing set analysis criteria.
• Provides support for investigating intrusion incidents, conduct forensic investigations and helps others who provide incident responses.

Minimum Qualifications

• Bachelor's Degree
• Relevant Experience or Degree in: in Information Security or Computer Science preferred. Other majors will be considered.
• 1-4 years related experience may be considered in lieu of a degree.

• Skills / Knowledge - Learns to use professional concepts. Applies company policies and procedures to resolve routine issues.
• Job Complexity - Works on problems of limited scope. Follows standard practices and procedures in analyzing situations or data from which answers can be readily obtained. Builds stable working relationships internally.
• Supervision - Normally receives detailed instructions on all work.
• Network Engineering - Is aware of TCP/IP network connectivity, subnet segmentation, security zones, secure ports/protocols, network authentication/authorization, security tools and their applicability (WAF, IPS, Sandbox, etc.).
• Vulnerability testing, risk analyses and security assessments - Knowledge of vulnerability testing, risk analyses and security assessments
• Technical industry acumen - Knowledge of Industry regulatory audit requirements and solutions and Authentication, authorization, and encryption solutions

(Senior) Security Engineer

Responsibilities:

 Support various network security technologies, and have extensive experience in

installing, configuring, managing network security products like Firewalls, Application

security, virtual networking, VPN, SASE, SSE, EDR and cloud / virtualization platforms

Design, plan, document and oversee all aspects of complex network design and

implementation project involving diverse technologies

rovide comprehensive guidance for developing and modifying security solutions

anage multiple projects effectively and work calmy under pressure

nvestigate, troubleshoot and resolve network and security incidents

erve as a point of escalation and assist engineers with projects and security cases

evelop documentation manual and provide training to customers

d-hoc emergency support during non-office hours is required

Requirements:

igher diploma or above in telecommunications, information technology, computer science

or related discipline

roficient in Cisco, Fortinet, Checkpoint and Palo Alto Network Security Technologies and

other its cybersecurity product solution

inimum of 4 year(s) of relevant in -dept work experience in Network Security and

Cybersecurity, such as SSE, SASE, VPN, ZTNA, and other network related technology

solution

nowledge of SIEM, SOAR, EDR/XDR, DLP, CASB and WAF

older certification in Network Security product as such Cisco, Fortinet, Checkpoint, Palo

Alto, Zscaler and Microsoft etc.

trong problem solving, analytical, interpersonal and communication skills in both written

and verbal Cantonese, English and Mandarin

• Network Engineer

Responsibilities:

• Primary responsible for Network projects roll out, include Network (LAN/WAN), Wireless and network security and documentation
• Provide daily operations support , troubleshooting and maintenance services including servers and network issue
• Escalation support and co-operate with the operation team on daily operation
• Carry out emergency duties and ad hoc tasks

Requirements:

• Degree holder or above in telecommunications, information technology, computer science or related discipline
• Solid experience on Network (LAN/WAN), switch, router, wireless and security
• Holder of Cisco CCNA / CCNP will be advantage
• Preferred with 2-3 year(s) of work experience in IT or telecommunication industry
• Good command of spoken and written English and Chinese

工作類型: 全職, 兼職, 長工

薪酬: $25,000.00至$50,000.00(每月)

福利:

• 牙科保險
• 視力保險
• 醫療保險

Work Location: 親身到場

About the company:
Our client is a leading global professional firm operating in over thirty countries. The Lead Information Security Engineer role's is to safeguard the organization's IT systems and data. This role requires the candidate's active participation in the implementation of security policies and procedures, the monitoring and analysis of security events and the maintenance of security tools. Other responsibilities are to identify, investigate and resolve any security threats, vulnerabilities and incidents. The candidate must keep up to date with the latest security trends, have excellent communication and problem-solving skills and have a deep understanding of security principles and technologies. The individual will have a functional role in mentoring other team members and share the off-hour support responsibilities.

Responsibilities:

• Review, analyze, and monitor security system reports and logs for suspicious activities, trends, and patterns. This includes web filters, mail gateways, firewalls, encryption systems, anti-malware systems, and IDS/IPS.
• Configure, maintain, and administer security products and solutions used within the firm.
• Configure, maintain, and administer firewalls, web proxy devices, data loss prevention systems, and security information event monitoring systems.
• As a member of the Incident Response Team, respond to alerts, warnings, incidents, and help desk tickets to minimize firm asset exposure under the direction of the IS Security Manager.
• Participate in troubleshooting efforts for all IT security-related problems, including managing and using TAM arrangements with specified security vendors.
• Serve as a technician/engineer on IS projects.
• Conduct risk and security reviews on products as directed by the IT Security Manager or IS management.
• Configure access control systems, assigning rights to appropriate resources for users, IS personnel, and vendors.
• Recommend controls to ensure appropriate protection levels and adherence to the overall information security strategy.
• Monitor IS security metrics, including security system logs, Windows server logs, and network monitoring systems.
• Administer systems and processes to monitor and reconcile system patch status and discovered vulnerabilities, managing metrics that provide patch and vulnerability status. Work with responsible groups inside and outside of IT to remediate.
• Provide consultation and conduct internal investigations that may require forensic analysis under the direction of the IT Security Manager and/or IS management.
• Respond to audit findings as directed by the IT Security Manager and/or IT Management.
• Evaluate and recommend commercial security vendors and products.
• Perform other duties as assigned or required.

Qualifications and Experience

• Bachelor's degree in Cybersecurity Engineering or Computer Sciences
• Strong professional experience in information security with a focus on security operations and technical support
• Strong Experience in Microsoft office Suite, iManage or others company technologies
• Experience with VPN, SSL and other encryption technologies
• Good knowledge of server, workstation, and Active Directory technologies that impact security controls
• Deep understanding of TCP/IP, DNS and common network services
• Experience with security frameworks and compliance requirements such as GDPR, ISO 27001, NIST 800 and PCI DSS.

If you believe you have the right skills, attitude and experience please click 'apply now' below and upload your resume. Alternatively, for a confidential chat, please contact Kevin Ng by applying directly to email  or reach out at

We apologies that only shortlisted candidates will be contacted.