What Jobs are available for Cybersecurity Engineer in Hong Kong?

Cybersecurity, MS Window, Firewall, Antivirus

We're looking for a talented Cybersecurity Engineer to support one of our largest in-house clients.

Your new role

• Monitor and manage security tools like DLP and MS Defender for attack signs or misuse
• Work with infrastructure teams and vendors to resolve cybersecurity issues
• Prepare regular security metrics reports for risk management committees
• Partner with Application and Infrastructure teams to ensure security controls on new servers, apps, and websites
• Collaborate with Group Cybersecurity to adopt and maintain security standards and IT policies

What you'll need to succeed

• 1+ year of hands-on experience in infrastructure experience combined with foundational cybersecurity knowledge
• Experience with PC systems, Microsoft Windows, MS Office, and network troubleshooting
• Hands-on knowledge of MS Active Directory, Office 365 Exchange, DNS, DHCP, TCP/IP
• Familiarity with remote access tools (VPN, Remote Desktop)
• Advantageous: experience with Windows Server multi-user environments, Exchange, SQL Server, IIS
• Experience setting up firewalls, antivirus, and other security tools

What you need to do now

If you fulfil all the qualifications mentioned above and have the drive to succeed or are interested in similar roles within the Information Technology Sector, please contact me with an attached CV at or please call

Job Summary: 

The Cybersecurity Engineer is responsible for protecting an organization's computer systems and networks from cyber threats. This role involves designing, implementing, and maintaining security measures, monitoring for security breaches, and responding to incidents to ensure the confidentiality, integrity, and availability of data.

Key Responsibilities:

• Design, implement, and manage security tools and technologies (e.g., firewalls, intrusion detection/prevention systems, antivirus software).

• Monitor networks and systems for security breaches, using security tools and software.

• Conduct vulnerability assessments and penetration testing to identify and address security weaknesses.

• Respond to and investigate security incidents, providing detailed analysis and remediation.

• Develop and enforce security policies, procedures, and best practices.

• Collaborate with IT and other departments to ensure security is integrated into all aspects of technology.

• Stay up-to-date with the latest cybersecurity trends, threats, and technology solutions.

• Provide security awareness training to staff.

• Prepare reports and documentation related to security incidents, risk assessments, and compliance.

Requirements:

• Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or related field (or equivalent experience).

• Proven experience in cybersecurity, information security, or related roles.

• Strong knowledge of network and system security, cryptography, and risk management.

• Experience with security tools (e.g., SIEM, IDS/IPS, firewalls, endpoint protection).

• Familiarity with regulatory requirements (e.g., GDPR, HIPAA, PCI-DSS).

• Relevant certifications preferred (e.g., CISSP, CEH, Security+, CISM).

• Excellent problem-solving and analytical skills.

• Strong communication and teamwork abilities.

Competitive remuneration package including 5-day work week will be offered to the right candidates. Interested parties please click the below "Apply Now" button.

Personal data provided by job applicants will be used strictly in accordance with the employer's personal data policies.

All information received will be kept in strict confidence and only for employment-related purposes.

Zung Fu is an equal opportunity employer. We are committed to creating a diverse and inclusive environment and do not discriminate on the grounds of gender, race, disability, family status, sexual orientation or any other legally protected factors.

Zung Fu is also dedicated to treat each other fairly, impartially and with respect at all times.

Please let us know if you need a special accommodation or disability support service arrangement during the recruitment process at any time.

We're looking for a Junior–Mid Cybersecurity Engineer who's hands‑on with security operations and excited to improve our defenses across cloud, endpoints, identity, and collaboration tooling. You'll help run the daily security program, tune and maintain controls, investigate alerts, and contribute to projects that raise our overall security posture.

Security Engineering manages our deployed security solutions and controls, implements new security technologies, and evaluates emerging solutions for potential adoption. This role handles all day‑to‑day security operations and partners closely with IT, SRE, and Product Engineering to keep our environments safe and compliant.

• Operations & Monitoring

• Own day‑to‑day security operations: triage alerts, investigate events, and drive incidents through containment, eradication, and post‑incident review.

• Maintain detection rules, playbooks, and runbooks; continually reduce false positives and MTTR.

• Troubleshooting users on issues with security tooling.

• Tools & Controls

• Review and harden AWS security services (e.g., IAM/SCPs, GuardDuty, Security Hub, CloudTrail/Config, KMS, WAF).

• Operate MDM for device compliance, disk encryption, patching, and baseline configurations.
• Operate AV/EDR and firewall policies; support enterprise browser security policies and extensions.
• Harden Cloud services and partners (DLP, context‑aware access, OAuth app controls, group/SSO hygiene, 2SV/passkeys).
• Conduct POCs and evaluation on security tools for adoption.

• Support IT operations when needed.

• Engineering & Enablement

• Implement new security technologies and integrations; document deployments and handoffs.

• Create security automations for tooling.

• Risk & Posture

• Support asset/inventory accuracy, least‑privilege access reviews, and change control.

• Assist with security reviews, vendor risk, and audit evidence for SOC 2/ISO 27001‑style controls.

• At least 5 years of security engineering background and experience with at least one of the following: SIEM, MDM, Systems hardening, Practical Cloud Security.
• Experience in tool lifecycle implementation - from Proof of Concept through integration and till decommissioning.
• Ability to work across time-zones when needed.
• Solid understanding of computing systems and their operations.
• Ability to work in a team and flexible deliverables.

• Hands-on experience with cloud platforms (AWS/Google/Azure).
• Experience with security automation.
• First hand experience with development of security processes.
• IT Background.

Interview Process

• CV Screening – We will review your application based on the qualifications and experience outlined above.
• Screening Interview with Cybersecurity team member– A conversation to assess general fit and engineering experience.
• Test Assignment Review – You'll be given a technical task reviewed by the team.
• Technical Interviews – Discussions with cybersecurity team and IT focused on system design, processes and approach.
• Final Interview with the CIO – A concluding discussion to evaluate cultural fit, strategic alignment, and how you resonate with the firm's values.

Throughout the process, you'll be assessed for cultural fit through our company values:

• Drive – We seek people whose passion fuels relentless growth and a pursuit of excellence.
• Ownership – We value those who take initiative and treat the company's goals as their own.
• Judgment – We value individuals who focus on what matters and consistently drive meaningful results.
• Openness – We believe in honest dialogue, constructive challenge, and shared learning.
• Competence – We work with people who can thrive in fast-changing environments.
• Resilience – We stay calm under pressure, adapt quickly, and learn from setbacks.

Red Team, Burp Suite, Nessus, APAC exposure

We are seeking a talented Junior Cybersecurity Engineer for one of our most sizeable Worldwide in-house clients.

Your new role

• Conduct thorough penetration tests on applications, networks, and systems to identify vulnerabilities and recommend remediation strategies.
• Collaborate with cross-functional teams to enhance security measures and implement best practices.
• Provide detailed reports and presentations on findings, including risk assessments and actionable recommendations.
• Stay updated on the latest security trends, threats, and technologies to continuously improve our security posture.

What you'll need to succeed

• 1+ years of experience in penetration testing, vulnerability assessment, and security auditing
• Diverse understanding of web and mobile application security, network protocols, and operating systems
• Proficiency with penetration testing tools (e.g., Burp Suite, Metasploit, Nessus)
• Relevant certifications (e.g., OSCP, CEH, GPEN) are a plus
• Proficiency in Chinese, English and Putonghua

What you need to do now

If you fulfil all the qualifications mentioned above and have the drive to succeed or are interested in similar roles within Information Technology Sector, please contact me with an attached CV at or please call

Your new company

• US-led global sourcing company specialising in apparel and accessories

Your new role

• Continuously monitor systems, networks, and Microsoft environments to detect unusual activity or potential threats
• Lead investigations into security incidents and coordinate timely responses
• Establish and maintain cybersecurity policies and operational procedures
• Conduct regular vulnerability scans and provide actionable remediation plans
• Stay current with emerging security technologies and recommend improvements

What you'll need to succeed

• Degree in Computer Science, Information Security, or related field
• Strong knowledge of network, endpoint, and cloud security (especially Azure and Microsoft 365)
• Hands-on experience with Microsoft SIEM tools
• Familiarity with secure development practices and DevSecOps methodologies
• Certifications such as CISSP, OSCP, or GIAC are advantageous
• Comfortable working in multicultural environments

What you need to do now

• If you're interested in this role, click 'apply now', or call Jacky Chow @ Alternatively, you can also share your updated CV to

Responsibilities

• Lead and support network security projects and daily operations
• Design and implement robust network security architectures and controls while developing and enforcing network security policies, standards, and procedures
• Monitor, analyse, and respond to network security incidents and threats
• Collaborate with relevant teams to ensure secure network configurations and stay current with emerging threats, vulnerabilities, and technologies
• Prepare and present risk assessments and mitigation strategies to leadership

Requirements

• Degree in Computer Science, Information Security, or a related discipline
• A minimum of 3 years' experience in network security
• Good knowledge of and hands-on experience with network security solutions, such as firewall/NGFW, WAF, IDPS, NDR/XDR, network taps, NAC, network security policy orchestration, DNS
• Good knowledge of network security related industry frameworks and good practices
• Experience with any of the following is preferred: Zero Trust architecture, SASE, vulnerability and patch management, incident response and digital forensics, cloud security (e.g. Azure, AWS, Alibaba Cloud), or penetration testing
• Any relevant professional security certifications (e.g. CISSP, CISM, CISA, CCNP, SSCP) are preferred

Applications

You are invited to apply online via or send in your CV stating the position (with reference number) you are applying for by mail to Human Resource Management Department, MTR Corporation, G.P.O. Box 9916, Hong Kong on or before 23 October 2025.

For other job openings, please visit MTR Corporation's website for more details.

All information provided by applicants will be treated in strict confidence and used for recruitment purpose only. All personal data of unsuccessful applicants will be retained for 12 months for future recruitment purpose and will then be destroyed.

Responsibilities:

• Help with developing, updating, and maintaining cybersecurity measures
• Run vulnerability scans and assist with reporting results
• Support the coordination and delivery of cybersecurity awareness programs
• Provide basic technical support to the security team
• Work with team members to review and suggest improvements for Security Operations
• Monitor security systems and respond to routine alerts with guidance
• Learn about new security threats and emerging technologies
• Carry out additional assigned tasks as needed

Requirements:

• Degree or diploma in computer science, information technology, or a related discipline
• Some programming knowledge is helpful but not required
• Interest in information security, networks, Windows, Linux, and cloud platforms is beneficial
• Willingness to learn and ability to work collaboratively
• Recent graduates and motivated candidates are encouraged to apply

Job Responsibilities:

• Responsible for managing information security and infrastructure systems to ensure the smooth operation of all enterprise systems and network
• Support day-to-day monitoring and control of information security program, systems, configuration, patching and backup
• Assist in conducting risk assessment and information security review of internal operations, vulnerability assessments and tests for enterprise continuous improvement
• Assist in developing and continuously improve the information security issues and resolve the audit findings
• Coordinate implementation and validation of information security controls
• Monitor and assess information security violations incidents and responses
• Troubleshooting and provide technical support for information security solutions
• Assist in preparing training materials to promote information security awareness across the enterprise
• Maintain up-to-date inventory on infrastructure equipment and software
• Perform other duties as assigned by the supervisors

Requirements:

• Degree holder in Information Technology, Computer Science or related disciplines
• Holder of CISSP, CISA, CCNA, MCSE or relevant certification preferred
• 2+ years relevant working experience on information security, infrastructure maintenance and technical support
• Experience in developing and implementing information security control process, hands-on working experience in Microsoft Windows Server, Linux, Networking, Firewall, Antivirus, VMware and System Hardening
• Knowledge of ISO27001 or Risk Management is a plus
• Positive, responsible, able to work independently and maintain confidentiality
• Fresh graduates and willing to learn will also be considered

Our client is a well known company in HK and they are looking for a Information Security Engineer to cope with their business.

Responsibilities:

• ISO 27001 Compliance: Develop, implement, and maintain the Information Security Management System (ISMS) in accordance with ISO 27001 standards.
• Risk Assessment: Conduct regular risk assessments and audits to identify vulnerabilities, threats, and risks to the organization's information assets.
• Policy Development: Create and update security policies, procedures, and guidelines to ensure compliance with regulatory requirements and best practices.
• Incident Response: Manage and respond to security incidents, performing root cause analysis and implementing corrective actions to prevent recurrence.
• Training and Awareness: Develop and deliver training programs to promote security awareness among staff and ensure adherence to security protocols.

Requirements:

• Educational Background: Bachelor's degree in Information Technology, Cybersecurity, or a related field; relevant certifications (e.g., CISSP, CISA, CISM) are advantageous.
• Experience: Minimum of 3-5 years in information security roles with a focus on ISO 27001 compliance and security operations.
• Technical Skills: Proficiency in security frameworks, risk management practices, and incident response methodologies; familiarity with security tools and technologies.
• Analytical Skills: Strong analytical and problem-solving skills to assess security risks and develop effective mitigation strategies.
• Communication Skills: Excellent verbal and written communication skills for reporting security issues and training employees on security practices.

Interested parties, please kindly send your CV to , thanks

Please note that only short listed candidates will be notified. All information gathered will be treated in strict confidence and solely used for recruitment purposes