What Jobs are available for Data Security in Hong Kong?

Our client is a globally recognized financial services and insurance group with a strong presence across Asia. Their regional data team-comprising analysts, architects, engineers, and BI experts-is dedicated to leveraging data as a strategic asset to drive business outcomes. This team delivers high-quality, accessible data for Business Intelligence, Digital Applications, and Advanced Analytics.

They are looking for a strategic and detail-oriented
Data Security & Governance Lead
to champion access control and data risk oversight across our Asia operations. This pivotal role will be responsible for ensuring robust data protection practices, harmonizing regional governance frameworks with global standards, and maintaining compliance with diverse regulatory landscapes.

Key Responsibilities

• Access Management & Governance:
  Design and enforce access control frameworks across Asia's data lakes, ensuring alignment with global standards and local regulatory requirements.
• Regulatory Compliance:
  Monitor and ensure adherence to data access regulations across ten markets. Collaborate with legal and compliance teams to address evolving requirements.
• Data Risk Management:
  Identify and mitigate data privacy and security risks through Privacy Impact Assessments (PIAs), Data Protection Impact Assessments (DPIAs), Information Risk Assessments (IRAs), audits, and incident response planning.
• Stakeholder Collaboration:
  Work closely with IT, architecture, legal, and business teams to implement secure, scalable access solutions and promote data stewardship.
• Training & Awareness:
  Foster a culture of data security through targeted training and awareness initiatives across the region.

Key Requirements

• Bachelor's or Master's degree in IT, Data Science, Business Administration, or a related field.
• Minimum 10 years of experience in access management, data governance, or risk management.
• Professional certifications such as CIPP, CRISC, or CDMP.
• Strong knowledge of access control frameworks, governance policies, and regulatory compliance across multiple jurisdictions.
• Proficiency in databases, Microsoft technologies, and Databricks.
• Foundational understanding of Generative AI and OpenAI technologies.
• Proven track record in managing data risks and implementing effective mitigation strategies.

Our client offers competitive compensation and benefits, as well as a dynamic and fast-paced work environment.

Interested parties, please send your CV to Ron Lee on or contact on for more details. For other available opportunities, please visit

Pinpoint Asia is partnering with a market-leading global organization at the forefront of a major data-driven transformation. We are seeking a visionary leader to join the Pan-Asian Data Center of Excellence and build the foundation of data security and trust for the entire region.

This isn't your typical compliance role. We're looking for a technical leader who can bridge the gap between cutting-edge data technology and complex regulatory demands. If you're passionate about securing modern data platforms and thrive on architecting solutions, this is your opportunity to make a significant impact.

Your New Role

As the SME, you will be the cornerstone of data security and compliance within the regional data team. You will have the autonomy to design, implement, and enforce the frameworks that protect the company's most valuable asset: its data.

• Architect the Future of Access:
  Design and own a sophisticated, role-based access management (RBAC) framework for a complex data lakehouse ecosystem built on Azure and Databricks.
• Champion Data Governance:
  Drive initiatives to ensure the integrity, security, and availability of critical data assets, promoting a culture of data stewardship and accountability.
• Navigate a Complex Landscape:
  Act as the subject matter expert on data privacy regulations across 10+ diverse Asian markets, translating legal requirements into actionable technical controls.
• Mitigate Data Risk:
  Proactively identify and assess data security and privacy risks. You'll lead impact assessments (PIA/DPIA) and own the risk mitigation strategy from identification to resolution.
• Lead from the Front:
  Collaborate seamlessly with data engineers, architects, legal counsel, and senior business leaders to embed security into the DNA of every data project.

Are You the Right Person?

We're looking for a unique blend of deep technical knowledge and strategic governance expertise. You are a pragmatist who understands that the goal is to enable the business, not restrict it.

• Proven Experience:
  You have 8–10 years of experience working at the intersection of data technology, risk management, and compliance, preferably within a large multinational.

• Technical Depth is a MUST:
  This is a hands-on leadership role. You must have strong proficiency and a deep understanding of modern data platforms. Key technologies include:

• Databricks
  (Unity Catalog experience is a huge plus)

• Azure Data Lake (ADLS), Azure Data Factory, and Microsoft Synapse

• SQL
  and relational databases (e.g., Oracle)

• Governance & Risk Acumen:
  You have a proven track record in building and enforcing data governance policies and access frameworks. Professional certifications like CIPP, CRISC, or CDMP are highly advantageous.

• Global Mindset, Regional Focus:
  You have experience navigating the diverse data privacy and regulatory requirements across Asia.
• Exceptional Communicator:
  You can confidently articulate complex technical and risk concepts to both engineers and C-level executives.

What's in It for You?

• High-Impact Role:
  This is a highly visible position where your work will directly protect and enable the business across the entire region.
• Modern Tech Stack:
  Get your hands on the latest in cloud data technology (Databricks, Azure) at a massive scale.
• Career Growth:
  Join a company that invests in its people, offering significant opportunities for professional development and career progression.
• Supportive Culture:
  Be part of a global team that values flexibility, well-being, and inclusion.

Who We Are

At OKX, we believe that the future will be reshaped by crypto, and ultimately contribute to every individual's freedom.

OKX is a leading crypto exchange, and the developer of OKX Wallet, giving millions access to crypto trading and decentralized crypto applications (dApps). OKX is also a trusted brand by hundreds of large institutions seeking access to crypto markets. We are safe and reliable, backed by our Proof of Reserves.

Across our multiple offices globally, we are united by our core principles: We Before Me, Do the Right Thing, and Get Things Done. These shared values drive our culture, shape our processes, and foster a friendly, rewarding, and diverse environment for every OK-er.

OKX is part of OKG, a group that brings the value of Blockchain to users around the world, through our leading products OKX, OKX Wallet, OKLink and more.

About the Opportunity

Job Description:

• Develop and enhance data security detection capabilities, including but not limited to DLP, data encryption and data masking;
• Continuously validate existing data security rules and models; follow up on data security incident identification, response, handling, investigation, and forensics;
• Continuously improve risk identification capabilities in data security by optimizing detection rules and models to optimize the overall detection coverage; build data asset maps; use graph detection and other techniques to trace data flows and identify sensitive data exfiltration risks.

Job Requirements:

• Major in information security, network security, or computer science; 3–5 years of relevant experience in data security;
• Familiar with the data security lifecycle, understanding the risk points and key objectives at each stage;
• Familiar with common security offense and defense techniques, with experience in building security operations and managing data security risks; strong sensitivity to data exposure risks;
• Familiar with data security products and detection methods such as DLP, UEBA, sensitive data identification, data encryption/decryption, and secure data sharing;
• Experience with enterprise-level endpoint data protection solutions; experience in endpoint security, familiarity with macOS and Linux systems, and hands-on experience in data threat modeling is a plus;
• Experience with enterprise-level big data analysis tools such as Flink, Hive, Spark, ElasticSearch, and graph technologies; hands-on experience in security data mining, analytics, or threat intelligence analysis is a plus;
• Strong logical thinking and communication skills, with a good understanding of compliance and legal considerations.

Perks & Benefits

• Competitive total compensation package
• L&D programs and education subsidy for employees' growth and development
• Various team building programs and company events
• Wellness and meal allowance
• Comprehensive healthcare schemes for employees and dependants
• More that we love to tell you along the process

Join the Pioneer Crypto Brand in the Philippines
Coins is the most established crypto brand in The Philippines and has gained the trust of more than 18 million users. Through the easy-to-use mobile app, users can buy and sell a variety of different cryptocurrencies and access a wide range of financial services.

Coins is fully regulated by the Bangko Sentral ng Pilipinas (BSP) and is the first ever crypto-based company in Asia to hold both Virtual Currency and Electronic Money Issuer licenses from a central bank.

Job Responsibilities

• Sort out and govern the company's current data security status
• Take charge of the construction of the company's data security system
• Collaborate with the legal, compliance, audit, and business teams to ensure data security policies align with regulatory requirements
• Provide data security design and development support to the R&D, product, and operation teams
• Participate in and promote key management (KMS/HSM) and encryption policies, and establish a key rotation mechanism
• Drive the construction of data security infrastructure, such as DLP (Data Loss Prevention), database auditing, and key management
• Participate in the emergency response to data security breach incidents

Requirements

• At least 5 years of experience in information security or data security, including practical experience in data security or encryption technology projects
• In-depth mastery of data encryption, key management, DLP, data desensitization, database auditing, and access control mechanisms
• Proficiency in methodologies for data security system construction and governance
• Familiarity with international and domestic data security laws, regulations, and standards (e.g., GDPR, ISO 27001)
• Familiarity with the construction and implementation of data security capabilities on the AWS cloud platform
• Excellent cross-departmental communication skills and the ability to drive the implementation of data security initiatives

Join the Coins Team Now
Meaningful Collaborations - The successful candidate will work cross-functionally with other relevant teams to carry out implementations that will improve and create an impact on customer experience.

Scalable Growth - Be part of a fast-growing organization with the vision to expand its territories outside APAC which will provide opportunities for career advancement.

A Space For Bright Ideas - Let your bright ideas be converted into meaningful changes Coins culture welcomes new ideas backed up by data to create an impact.

We may use artificial intelligence (AI) tools to support parts of the hiring process, such as reviewing applications, analyzing resumes, or assessing responses. These tools assist our recruitment team but do not replace human judgment. Final hiring decisions are ultimately made by humans. If you would like more information about how your data is processed, please contact us.

Join the Pioneer Crypto Brand in the Philippines

Coins is the most established crypto brand in The Philippines and has gained the trust of more than 18 million users. Through the easy-to-use mobile app, users can buy and sell a variety of different cryptocurrencies and access a wide range of financial services.

Coins is fully regulated by the Bangko Sentral ng Pilipinas (BSP) and is the first ever crypto-based company in Asia to hold both Virtual Currency and Electronic Money Issuer licenses from a central bank.

• Sort out and govern the company's current data security status.
• Take charge of the construction of the company's data security system.
• Collaborate with the legal, compliance, audit, and business teams to ensure data security policies align with regulatory requirements.
• Provide data security design and development support to the R&D, product, and operation teams.
• Participate in and promote key management (KMS/HSM) and encryption policies, and establish a key rotation mechanism.
• Drive the construction of data security infrastructure, such as DLP (Data Loss Prevention), database auditing, and key management.
• Participate in the emergency response to data security breach incidents.

• At least 5 years of experience in information security or data security, including practical experience in data security or encryption technology projects.
• In-depth mastery of data encryption, key management, DLP, data desensitization, database auditing, and access control mechanisms.
• Proficiency in methodologies for data security system construction and governance.
• Familiarity with international and domestic data security laws, regulations, and standards (e.g., GDPR, ISO
• Familiarity with the construction and implementation of data security capabilities on the AWS cloud platform.
• Excellent cross-departmental communication skills and the ability to drive the implementation of data security initiatives.

Join the Coins Team Now

Meaningful Collaborations - The successful candidate will work cross-functionally with other relevant teams to carry out implementations that will improve and create an impact on customer experience.

Scalable Growth - Be part of a fast-growing organization with the vision to expand its territories outside APAC which will provide opportunities for career advancement.

A Space For Bright Ideas - Let your bright ideas be converted into meaningful changes Coins culture welcomes new ideas backed up by data to create an impact.

JOB REFERENCE

BOCI00826

CONTRACT TYPE

Permanent

DIVISION

Business Operations

JOB FUNCTION

N/A

The Role

AVP, Data Security Specialist, Business Operations

Key Accountabilities

• Play role as subject matter expert in Data Security and 2nd line of defense in Data Security Risk Management;
• Establish data security and data security risk management framework and mechanism and develop, implement, and maintain relevant policies and procedures. Ensure compliance with local and international regulations and standards, as well as Head Office's requirements in data security and data security risk management;
• Protect sensitive and classified data according to regulatory requirements and Head Office standard/framework;
• Prepare risk assessments and vulnerability analyses to identify potential threats to data security;
• Conduct data classification and implement measures to minimize and mitigate data security risk;
• Manage data security incidents, breaches and compliance violations. Responsible to design and implement remedial actions in case of events happened;
• Collaborate with RMD, IT, business and other stakeholders regionally to ensure data security and data security risk management policies and procedures are implemented;
• Lead training and awareness programs to educate employee ondata security best practices.

Skills & Experience

• Bachelor degree in information Security , Risk management, Computer Science or a related field;
• Minimum of 7 years of experience in data and 5 year of experience in data security, risk management or related roles, preferably in the banking or financial services industry;
• Strong in data security and deep understanding of data security risk management;
• Proven experience in establishing data security risk management framework and data security policies and implement data security related measures;
• Problem solving leader with excellent communication skills and leadership ability to formulate and remediate the resolution from complex environment;
• Hold certifications such as CISSP, CISM, CISA, CCIP/A, CIPP/E,CIPM,CIPT are preferred;
• Proficient in Chinese and English, preferable fluent in Putonghua.

Other Information

• Please apply in strict confidence with full resume, academic record, current and expected salaries;
• The personal data provided will be used for consideration of recruitment only. All personal data of unsuccessful candidate will be destroyed within 24 months;
• Candidates with Enhanced Competency Framework (ECF): please state on the CV.

About BOCI

As a leading investment bank in China and Hong Kong region, the investment banking arm of Bank of China, BOC International Holdings Limited ("BOCI"), is now seeking highly motivated, creative and success-oriented professional who would like to pursue the career for supporting our group.

The Asia Data Office (ADO) is a team of data professionals dedicated to enabling data as a strategic asset to drive business outcomes across Asia and the broader Asia segment. The team comprises Data Analysts, Architects, Engineers, and Business Intelligence professionals focused on delivering high-quality, accessible data for use cases spanning Business Intelligence, Digital Applications, and Advanced Analytics.

We are seeking a highly skilled and experienced Associate Director, Data Security and Compliance to spearhead the development and enforcement of access management frameworks and data risk policies across multiple data lakes in Asia, while ensuring alignment with global standards. This role is critical in maintaining regulatory compliance across ten markets and managing key data risks within the Asia Data Office.

Position Responsibilities
Access Management

• Framework Development: Design, implement, and maintain robust access management frameworks and policies to ensure secure and efficient data access across Asia's data lakes.
• Policy Integration: Collaborate with global teams to align regional access policies with global standards.
• Access Controls: Regularly monitor and audit access controls to ensure compliance with internal policies and security protocols.
• User Access Management: Oversee role-based access provisioning, ensuring appropriate access levels based on responsibilities.
• Technology Enablement: Partner with IT and architecture teams to implement tools and technologies that support access governance.

Data Governance

• Governance Oversight: Ensure effective governance of data access, maintaining data integrity, security, and availability.
• Quality Initiatives: Lead efforts to standardize and harmonize data access processes across the region.
• Policy Enforcement: Ensure adherence to data governance policies by all stakeholders.

Regulatory Compliance

• Compliance Monitoring: Track and ensure compliance with data access regulations across ten markets, adapting policies as needed.
• Regulatory Liaison: Work closely with legal and compliance teams to meet local and international regulatory requirements.
• Documentation: Maintain clear and comprehensive documentation of access policies and procedures.

Data Risk Management

• Risk Identification & Mitigation: Identify, assess, and mitigate data privacy and security risks. Lead Privacy Impact Assessments (PIAs) and Data Protection Impact Assessments (DPIAs).
• Risk Execution: Own and execute Information Risk Assessments (IRAs) for the Asia Data Office.
• Audit & Compliance: Conduct regular audits to ensure ongoing compliance with privacy and security laws. Implement corrective actions as necessary.
• Incident Response: Lead response efforts for data breach incidents, including investigation, reporting, and remediation.
• Reporting: Provide regular updates on data risk status and mitigation strategies to the Asia Chief Data Officer and senior leadership.
• Training & Awareness: Develop and deliver training programs to promote a culture of privacy and data security awareness.

Coordination & Collaboration

• Cross-Functional Engagement: Collaborate with IT, legal, compliance, architecture, engineering, and business teams to ensure cohesive access management.
• Culture Building: Promote data stewardship and accountability across the organization.
• Solution Design: Work closely with solution and data architects to design access management solutions aligned with business and regulatory needs.

Required Qualifications

• Bachelor's or Master's degree in Information Technology, Data Science, Business Administration, or a related field.
• 8–10 years of experience in access management, data governance, or risk management.
• Experience in a multinational organization with a focus on Asia.
• Professional certifications such as CIPP, CRISC, or CDMP.
• Strong knowledge of access frameworks, governance policies, and regulatory compliance.
• Proficiency in technologies such as SQL, Oracle RDBMS, Microsoft Synapse, Azure Data Lake Storage (ADLS), Azure Data Factory, Cosmos DB, and Databricks.
• Foundational understanding of emerging technologies like Generative AI and OpenAI.
• Demonstrated experience in managing data risks and implementing mitigation strategies.
• Excellent leadership, communication, and stakeholder management skills.
• Ability to thrive in a fast-paced, dynamic environment with multiple priorities.

When You Join Our Team

• We'll empower you to learn and grow the career you want.
• We'll recognize and support you in a flexible environment where well-being and inclusion are more than just words.
• As part of our global team, we'll support you in shaping the future you want to see.

About Manulife And John Hancock
Manulife Financial Corporation is a leading international financial services provider, helping people make their decisions easier and lives better. To learn more about us, visit

Manulife is an Equal Opportunity Employer
At Manulife/John Hancock, we embrace our diversity. We strive to attract, develop and retain a workforce that is as diverse as the customers we serve and to foster an inclusive work environment that embraces the strength of cultures and individuals. We are committed to fair recruitment, retention, advancement and compensation, and we administer all of our practices and programs without discrimination on the basis of race, ancestry, place of origin, colour, ethnic origin, citizenship, religion or religious beliefs, creed, sex (including pregnancy and pregnancy-related conditions), sexual orientation, genetic characteristics, veteran status, gender identity, gender expression, age, marital status, family status, disability, or any other ground protected by applicable law.

It is our priority to remove barriers to provide equal access to employment. A Human Resources representative will work with applicants who request a reasonable accommodation during the application process. All information shared during the accommodation request process will be stored and used in a manner that is consistent with applicable laws and Manulife/John Hancock policies. To request a reasonable accommodation in the application process, contact

Working Arrangement
Hybrid

The Role

AVP, Data Security Specialist, Business Operations

Key Accountabilities

• Play role as subject matter expert in Data Security and 2nd line of defense in Data Security Risk Management;
• Establish data security and data security risk management framework and mechanism and develop, implement, and maintain relevant policies and procedures. Ensure compliance with local and international regulations and standards, as well as Head Office's requirements in data security and data security risk management;
• Protect sensitive and classified data according to regulatory requirements and Head Office standard/framework;
• Prepare risk assessments and vulnerability analyses to identify potential threats to data security;
• Conduct data classification and implement measures to minimize and mitigate data security risk;
• Manage data security incidents, breaches and compliance violations. Responsible to design and implement remedial actions in case of events happened;
• Collaborate with RMD, IT, business and other stakeholders regionally to ensure data security and data security risk management policies and procedures are implemented;
• Lead training and awareness programs to educate employee ondata security best practices.

Skills & Experience

• Bachelor degree in information Security , Risk management, Computer Science or a related field;
• Minimum of 7 years of experience in data and 5 year of experience in data security, risk management or related roles, preferably in the banking or financial services industry;
• Strong in data security and deep understanding of data security risk management;
• Proven experience in establishing data security risk management framework and data security policies and implement data security related measures;
• Problem solving leader with excellent communication skills and leadership ability to formulate and remediate the resolution from complex environment;
• Hold certifications such as CISSP, CISM, CISA, CCIP/A, CIPP/E,CIPM,CIPT are preferred;
• Proficient in Chinese and English, preferable fluent in Putonghua.

Other Information

• Please apply in strict confidence with full resume, academic record, current and expected salaries;
• The personal data provided will be used for consideration of recruitment only. All personal data of unsuccessful candidate will be destroyed within 24 months;
• Candidates with Enhanced Competency Framework (ECF): please state on the CV.

About BOCI

As a leading investment bank in China and Hong Kong region, the investment banking arm of Bank of China, BOC International Holdings Limited ("BOCI"), is now seeking highly motivated, creative and success-oriented professional who would like to pursue the career for supporting our group.

The Role

AVP, Data Security Specialist, Business Operations

Key Accountabilities

• Play role as subject matter expert in Data Security and 2nd line of defense in Data Security Risk Management;
• Establish data security and data security risk management framework and mechanism and develop, implement, and maintain relevant policies and procedures. Ensure compliance with local and international regulations and standards, as well as Head Office's requirements in data security and data security risk management;
• Protect sensitive and classified data according to regulatory requirements and Head Office standard/framework;
• Prepare risk assessments and vulnerability analyses to identify potential threats to data security;
• Conduct data classification and implement measures to minimize and mitigate data security risk;
• Manage data security incidents, breaches and compliance violations. Responsible to design and implement remedial actions in case of events happened;
• Collaborate with RMD, IT, business and other stakeholders regionally to ensure data security and data security risk management policies and procedures are implemented;
• Lead training and awareness programs to educate employee ondata security best practices.

Skills & Experience

• Bachelor degree in information Security , Risk management, Computer Science or a related field;
• Minimum of 7 years of experience in data and 5 year of experience in data security, risk management or related roles, preferably in the banking or financial services industry;
• Strong in data security and deep understanding of data security risk management;
• Proven experience in establishing data security risk management framework and data security policies and implement data security related measures;
• Problem solving leader with excellent communication skills and leadership ability to formulate and remediate the resolution from complex environment;
• Hold certifications such as CISSP, CISM, CISA, CCIP/A, CIPP/E,CIPM,CIPT are preferred;
• Proficient in Chinese and English, preferable fluent in Putonghua.

Other Information

• Please apply in strict confidence with full resume, academic record, current and expected salaries;
• The personal data provided will be used for consideration of recruitment only. All personal data of unsuccessful candidate will be destroyed within 24 months;
• Candidates with Enhanced Competency Framework (ECF): please state on the CV.

About BOCI

As a leading investment bank in China and Hong Kong region, the investment banking arm of Bank of China, BOC International Holdings Limited ("BOCI"), is now seeking highly motivated, creative and success-oriented professional who would like to pursue the career for supporting our group.