What Jobs are available for Identity Access Management in Hong Kong?

The Company

Global and reputable company.

The Role

• Lead the design, implementation, and management of Identity and Access Management (IAM) systems, ensuring robust security, scalability, and alignment with business objectives.
• Administer, install, integrate, and deploy one or more IAM solutions, such as Okta, Microsoft Entra ID (Azure AD), SailPoint, Ping/ForgeRock, Oracle, Saviynt, or equivalent platforms.
• Collaborate with cross-functional teams to integrate IAM solutions with various applications and systems, ensuring seamless functionality and user experience.
• Develop, troubleshoot, and maintain custom scripts for automation and process optimization using PowerShell and BeanShell scripting.
• Evaluate and implement tools and policies for role-based access control (RBAC), provisioning, deprovisioning, single sign-on (SSO), and multi-factor authentication (MFA).
• Monitor the performance and security of IAM systems, identifying and addressing vulnerabilities or inefficiencies proactively.
• Stay updated on industry trends in IAM technologies and frameworks to recommend and apply best practices.
• Create and document standards, procedures, and workflows related to IAM processes and technologies.
• Provide guidance and technical support to teams and act as a subject matter expert on IAM-related initiatives.

Your Profile

• Bachelor's degree in Computer Science, Engineering, or a related technical field, or equivalent work experience.

• Strong hands-on experience with one or more IAM solutions, such as Okta, Microsoft Entra ID, SailPoint, Ping/ForgeRock, Oracle, Saviynt, or similar platforms.

• Proficiency in PowerShell and BeanShell scripting for automation and integration tasks.
• Experience with access controls, identity governance, SSO, and MFA technologies.
• Knowledge of common IAM protocols and standards (e.g., LDAP, SAML, OAuth, OpenID Connect).
• Strong understanding of best practices for security and compliance within IAM ecosystems.
• Ability to architect scalable solutions that meet current and future business requirements.
• Exceptional problem-solving skills with the ability to work in a fast-paced environment.
• Strong written and verbal communication skills for collaborating with teams and documenting processes.

Apply Today

To apply online (Word attachment only), please click the 'Apply' button. Please note that only short-listed candidates will be contacted.

Reference No

By clicking 'apply', you give your express consent that Robert Half may use your personal information to process your job application and to contact you from time to time for future employment opportunities. For further information on how Robert Half processes your personal information and how to access and correct your information, please read the Robert Half privacy notice: Please do not submit any sensitive personal data to us in your resume (such as government ID numbers, ethnicity, gender, religion, marital status or trade union membership) as we do not collect your sensitive personal data at this time.

Position Summary:

We are seeking a seasoned IAM support with 8 years of experience in Identity & Access Management operations. The ideal candidate will have good hands-on expertise in user lifecycle management, access provisioning, Privileged Access Management (PAM), and access governance. Familiarity with tools such as CyberArk and HashiCorp Vault is highly desirable. This role requires a good understanding of access controls across various platforms, including Linux, Windows (Active Directory), databases, and enterprise applications.

Your Role

• Support day-to-day IAM operations including account onboarding/offboarding, access provisioning, and access reviews.
• Provide administration and operation support on PAM solutions, particularly CyberArk, and contribute to its ongoing enhancement.
• Implement and enforce access control policies across operating systems, databases, and applications.
• Support access recertification and compliance reporting activities.
• Collaborate with internal teams to ensure IAM practices align with security and business requirements.
• Participate in IAM-related projects and contribute to solution design and implementation.
• Support the maintenance of the documentation for IAM procedures, configurations, and policies.

To Succeed in the Role

• Around 8 years of experience in Identity & Access Management.
• Hands-on experience with CyberArk; familiarity with HashiCorp Vault or other IAM tools is a plus.
• Understanding of access controls for Linux, Windows (AD), databases, and enterprise applications.
• Knowledge of security frameworks and compliance standards.
• Effective communication and collaboration skills.
• Strong analytical and problem-solving abilities.
• Relevant certifications (e.g., CyberArk Defender, CISSP, CISM) are preferred.
• Candidates with more experiences will be considered as
  Senior Manager

Preferred Attributes:

• Self-motivated and able to work independently.
• Detail-oriented with a commitment to quality and security.
• Comfortable working in a dynamic, fast-paced environment.

Position Summary:

We are seeking a seasoned IAM support with 8 years of experience in Identity & Access Management operations. The ideal candidate will have good hands-on expertise in user lifecycle management, access provisioning, Privileged Access Management (PAM), and access governance. Familiarity with tools such as CyberArk and HashiCorp Vault is highly desirable. This role requires a good understanding of access controls across various platforms, including Linux, Windows (Active Directory), databases, and enterprise applications.

Your Role

• Support day-to-day IAM operations including account onboarding/offboarding, access provisioning, and access reviews.
• Provide administration and operation support on PAM solutions, particularly CyberArk, and contribute to its ongoing enhancement.
• Implement and enforce access control policies across operating systems, databases, and applications.
• Support access recertification and compliance reporting activities.
• Collaborate with internal teams to ensure IAM practices align with security and business requirements.
• Participate in IAM-related projects and contribute to solution design and implementation.
• Support the maintenance of the documentation for IAM procedures, configurations, and policies.

To Succeed in the Role

• Around 8 years of experience in Identity & Access Management.
• Hands-on experience with CyberArk; familiarity with HashiCorp Vault or other IAM tools is a plus.
• Understanding of access controls for Linux, Windows (AD), databases, and enterprise applications.
• Knowledge of security frameworks and compliance standards.
• Effective communication and collaboration skills.
• Strong analytical and problem-solving abilities.
• Relevant certifications (e.g., CyberArk Defender, CISSP, CISM) are preferred.
• Candidates with more experiences will be considered as Senior Manager

Preferred Attributes:

• Self-motivated and able to work independently.
• Detail-oriented with a commitment to quality and security.
• Comfortable working in a dynamic, fast-paced environment.

Position Summary:

We are seeking a highly experienced and detail-oriented IAM Lead with over 12 years of hands-on experience in Identity & Access Management operations. The ideal candidate will have deep expertise in account onboarding/offboarding, Privileged Access Management (PAM), access recertification — particularly with CyberArk and HashiCorp Vault, and a strong understanding of access controls across Linux, Windows (Active Directory), databases, and enterprise applications. This role requires excellent stakeholder engagement, project management capabilities, and a solid grasp of security best practices.

Your Role

• Lead and manage IAM operations including user lifecycle management (onboarding/offboarding), access provisioning, and periodic access recertification.
• Administer and enhance Privileged Access Management (PAM) solutions, with a focus on CyberArk.
• Design and enforce access control policies across Linux, Windows (AD), databases, and various enterprise applications.
• Collaborate with cross-functional teams to ensure IAM solutions align with business and security requirements.
• Drive IAM-related projects from initiation to completion, ensuring timely delivery and stakeholder satisfaction.
• Conduct regular audits and reviews to ensure compliance with internal and external security standards.
• Develop and maintain documentation for IAM processes, policies, and technical configurations.
• Provide guidance and mentorship to junior IAM team members.
• Stay current with industry trends and emerging technologies in IAM and cybersecurity.

To Succeed in the Role

• Minimum 12 years of experience in Identity & Access Management operations.
• Proven expertise in CyberArk administration and PAM best practices.
• Experience in using HashiCorp is an advantage.
• Strong understanding of access management for Linux, Windows (Active Directory), databases, and applications.
• Solid grasp of security controls, compliance frameworks, and risk management principles.
• Excellent project management and stakeholder engagement skills.
• Strong critical and logical thinking abilities.
• Exceptional written and verbal communication skills in English.
• Relevant certifications (e.g., CISSP, CISM, CyberArk Defender/Sentry) are a plus.

Preferred Attributes:

• Ability to work independently and as part of a team.
• Proactive problem solver with a strategic mindset.
• Comfortable working in a fast-paced, dynamic environment.

Position Summary:

We are seeking a highly experienced and detail-oriented IAM Lead with over 12 years of hands-on experience in Identity & Access Management operations. The ideal candidate will have deep expertise in account onboarding/offboarding, Privileged Access Management (PAM), access recertification — particularly with CyberArk and HashiCorp Vault, and a strong understanding of access controls across Linux, Windows (Active Directory), databases, and enterprise applications. This role requires excellent stakeholder engagement, project management capabilities, and a solid grasp of security best practices.

Your Role

• Lead and manage IAM operations including user lifecycle management (onboarding/offboarding), access provisioning, and periodic access recertification.
• Administer and enhance Privileged Access Management (PAM) solutions, with a focus on CyberArk.
• Design and enforce access control policies across Linux, Windows (AD), databases, and various enterprise applications.
• Collaborate with cross-functional teams to ensure IAM solutions align with business and security requirements.
• Drive IAM-related projects from initiation to completion, ensuring timely delivery and stakeholder satisfaction.
• Conduct regular audits and reviews to ensure compliance with internal and external security standards.
• Develop and maintain documentation for IAM processes, policies, and technical configurations.
• Provide guidance and mentorship to junior IAM team members.
• Stay current with industry trends and emerging technologies in IAM and cybersecurity.

To Succeed in the Role

• Minimum 12 years of experience in Identity & Access Management operations.
• Proven expertise in CyberArk administration and PAM best practices.
• Experience in using HashiCorp is an advantage.
• Strong understanding of access management for Linux, Windows (Active Directory), databases, and applications.
• Solid grasp of security controls, compliance frameworks, and risk management principles.
• Excellent project management and stakeholder engagement skills.
• Strong critical and logical thinking abilities.
• Exceptional written and verbal communication skills in English.
• Relevant certifications (e.g., CISSP, CISM, CyberArk Defender/Sentry) are a plus.

Preferred Attributes:

• Ability to work independently and as part of a team.
• Proactive problem solver with a strategic mindset.
• Comfortable working in a fast-paced, dynamic environment.

about the company.The hiring company is looking for a highly skilled and experienced IT Manager specializing in IT Infrastructure and Identity and Access Management (IAM) solutions. The right candidate will lead the team in implementing and maintaining robust access control systems, ensuring security and efficiency meet business expectations.

about the job.

• Work closely with the Department Head to lead the design, implementation, and maintenance of IAM strategies, policies, and procedures.
• Oversee the management and administration of IAM solutions, including user provisioning, access controls, group policies, and security configurations.
• Manage a team of IAM professionals, providing coaching, guidance, and support to foster professional growth and ensure high-performance deliverables.
• Develop and enforce access control policies and standards, ensuring compliance with industry regulations and best practices.
• Architect and roadmap the IAM infrastructure, considering scalability, performance, and future business growth needs.
• Collaborate with stakeholders, including internal IT teams, business units, and third-party vendors, to analyze access requirements, implement appropriate solutions, and ensure seamless integration with other systems.
• Conduct strategic planning for IAM, identifying opportunities for improvement, evaluating new technologies, and recommending enhancements to the IAM ecosystem.

skills & experiences required.

• Bachelor's Degree or above in Computer Science, Business Administration, or a related discipline.
• 15+ years of experience in the IT field with a strong focus on IT Infrastructure management and IAM solutions, preferably with a minimum of 6 years in a managerial or solution architect role.
• Strong experience in Microsoft IAM solutions such as Microsoft Active Directory and Microsoft Azure AD (Entra ID); knowledge of other IAM tools such as CyberArk or Okta is a plus.
• Solid experience in strategic planning, architecting, road mapping, and implementing infrastructure projects for enterprise-level businesses.
• Strong understanding of IAM concepts, including identity lifecycle management, authentication, authorization, and access governance.
• Strong communication skills and a business mindset, with the ability to manage relationships with business stakeholders at all levels.
• Experience in budgeting, project management, team management, and third-party vendor management.
• Proficient in both Chinese and English; and currently based in Hong Kong with a valid work permit is a must.

If you're interested in this exciting opportunity please don't delay and click APPLY NOW for more information you can reach out to Wendy Fung at with the resume.

Job Purpose:

Assist Head of Information Security to ensure adequate and effective controls are in place.

Main Responsibilities:

• Support security tools including network firewall, DLP, SIEM, vulnerability scanning,
• micro-segmentation
• Review the firewall rule change requests; conduct the modification or reject if the request
• may expose the Group to unacceptable risk
• Act as project manager role on information security projects
• Provide technical guidance to systems and network team regarding security configurations
• Analyse cybersecurity incidents and make recommendations on remedial actions.
• Define and design adequate security controls to maintain secure control environment.
• Conduct regular security assessment on systems, network and IT infrastructure
• Provide security advisory service to stakeholders on new initiatives and development
• projects.
• Maintain Cyber Incident Response plan and playbook. Assist cyber incident response drill
• in regular basis.
• Monitor and govern external service providers, including both outsourcing service
• providers and connected third parties, to deliver the services as per the Group's security
• requirements.

Incumbent Requirements:

• Minimum 6 years of relevant work experience in technology risk, information security
• and cybersecurity
• University graduate in Computer Science / Information Technology or equivalent.

• One or more certificates listed below:

• ISC2 Certified Information Security Professional (CISSP)

• ISACA Certified Information System Auditor (CISA)
• ISACA Certified Information Security Manager (CISM)
• ISC2 Certified Cloud Security Professional (CCSP)
• Good knowledge in cybersecurity, Intrusion Detection/Prevention System and
• application security of finance/banking systems, in particular hands on experience in
• firewall management
• Experience in regulators' requirement on technology risk management including the
• Cyber Resilience Assessment Framework (CRAF) and Customer Security Controls
• Framework of SWIFT
• Strong information security sense in relation to business requirements
• Mature, independent and able to deliver quality results under tight schedule

Please note that only shortlisted candidates will be notified.

Job Purpose:

Assist Head of Information Security to ensure adequate and effective controls are in place.

Main Responsibilities:

• Support security tools including network firewall, DLP, SIEM, vulnerability scanning, micro-segmentation;
• Review the firewall rule change requests; conduct the modification or reject if the request may expose the Group to unacceptable risk;
• Act as project manager role on information security projects;
• Provide technical guidance to systems and network team regarding security configurations;
• Analyse cybersecurity incidents and make recommendations on remedial actions;
• Define and design adequate security controls to maintain secure control environment;
• Conduct regular security assessment on systems, network and IT infrastructure;
• Provide security advisory service to stakeholders on new initiatives and development projects;
• Maintain Cyber Incident Response plan and playbook. Assist cyber incident response drill in regular basis;
• Monitor and govern external service providers, including both outsourcing service providers and connected third parties, to deliver the services as per the Group's security requirements.

Incumbent Requirements:

• Minimum 6 years of relevant work experience in technology risk, information security and cybersecurity;
• University graduate in Computer Science / Information Technology or equivalent;

• One or more certificates listed below:

• ISC2 Certified Information Security Professional (CISSP)

• ISACA Certified Information System Auditor (CISA)

• ISACA Certified Information Security Manager (CISM)

• ISC2 Certified Cloud Security Professional (CCSP)

• Good knowledge in cybersecurity, Intrusion Detection/Prevention System and application security of finance/banking systems, in particular hands on experience in firewall management;

• Experience in regulators' requirement on technology risk management including the Cyber Resilience Assessment Framework (CRAF) and Customer Security Controls Framework of SWIFT;
• Strong information security sense in relation to business requirements;
• Mature, independent and able to deliver quality results under tight schedule.

Please note that only shortlisted candidates will be notified.

Position Overview

We are seeking an experienced and strategically minded Information Security Officer to join our organization. In this role, you will be the key architect and executor of the company's information security strategy, responsible for building, maintaining, and continuously optimizing our information security framework.

Your work will play a critical role in protecting our core trading systems, sensitive client data, and essential business infrastructure—ensuring that our operations remain secure, stable, and compliant with global financial regulatory standards.

Key Responsibilities

Strategy and Governance

• Develop, implement, and continuously refine the company's overall information security strategy, roadmap, and policy framework.
• Report the organization's security posture, major risks, and governance updates to senior management and the board of directors.
• Establish and promote a strong information security culture across the organization through comprehensive training and awareness programs.

Compliance and Risk Management

• Lead and ensure compliance with all applicable financial industry laws, regulations, and supervisory requirements (including CSRC, Cybersecurity Law, Data Security Law, Personal Information Protection Law, GDPR, etc.).
• Oversee internal and external security audits and compliance reviews and ensure timely remediation of audit findings.
• Conduct regular information security risk assessments to identify threats and vulnerabilities affecting trading platforms, client data, and company assets, and drive the implementation of risk mitigation measures.

Technical Security and Defence

• Supervise the implementation and operation of security controls across network, system, application, and data layers—including but not limited to firewalls, IDS/IPS, SIEM, WAF, and endpoint protection.
• Ensure the confidentiality, integrity, and availability of the production trading environment.
• Manage security relationships with cloud service providers (such as Azure) and third-party partners, including security posture assessments.

Security Operations and Incident Response

• Lead the Security Operations Centre (SOC) team in monitoring, analyzing, and responding to security incidents.
• Develop and maintain a comprehensive incident response plan and organize regular simulation exercises.
• Serve as the overall incident commander during actual security events, ensuring effective containment, eradication, and recovery.
• Oversee the vulnerability management process, coordinating with technical teams on scanning, assessment, prioritization, and remediation.

Data Security and Privacy Protection

• Design and implement data classification and protection programs, including DLP, encryption, and access control policies.
• Ensure the full lifecycle protection of sensitive data such as client transaction data and personally identifiable information (PII).

Qualifications

Basic Requirements

• Bachelor's degree or above in Computer Science, Information Security, or a related field.
• Over 8 years of experience in information security, with at least 3 years in a managerial or equivalent role within the financial industry (especially securities, futures, or trading platforms).
• Holder of internationally recognized security certifications such as CISSP, CISM, or CISA.

Knowledge and Skills

• Financial Industry Compliance Expertise: Deep understanding of cybersecurity and IT governance requirements set by domestic and international financial regulators.
• Strong Technical Foundation: Proficient in network security architecture, operating system security (Linux/Windows), database security, and application security. Familiarity with trading system technology stacks is a strong plus.
• Hands-on Security Experience: Extensive experience in security incident investigation, incident response, and threat hunting; well-versed in common attack techniques and defense strategies.
• Leadership and Communication: Excellent leadership, communication, and coordination skills; capable of leading cross-functional collaboration with technology, business, risk, and compliance teams.
• Strategic Thinking: Ability to align business objectives with security goals and develop practical, effective security strategies.

We Offer

• Highly competitive compensation package and performance-based bonuses.
• The opportunity to play a key leadership role in shaping cybersecurity at the forefront of the fintech industry.
• A professional, open, and intellectually challenging work environment.
• Comprehensive benefits and a structured career development pathway.

工作類型: 全職

薪酬: 最多每月 $60,000.00

Work Location: 親身到場