144 Information Security jobs in Hong Kong

Cyber Security Manager(HK)

Hang Seng Bank

Posted 4 days ago

Job Viewed

Tap Again To Close

Job Description

Join to apply for the Cyber Security Manager (HK) role at Hang Seng

This advertiser has chosen not to accept applicants from your region.

AVP Technology Risk Manager, Operational Risk

ALL-STAR AGENCY

Posted 4 days ago

Job Viewed

Tap Again To Close

Job Description

AVP Technology Risk Manager, Operational Risk AVP Technology Risk Manager, Operational Risk

1 day ago Be among the first 25 applicants

Direct message the job poster from ALL-STAR AGENCY

President and Founder | ALL-STAR AGENCY | Recruiting Champions in Banking and Financial Services

We are recruiting for a world class corporate

This advertiser has chosen not to accept applicants from your region.

Cyber Security Risk Manager

Hong Kong, Hong Kong Emmbr

Posted 5 days ago

Job Viewed

Tap Again To Close

Job Description

workfromhome

Get AI-powered advice on this job and more exclusive features.

Direct message the job poster from Emmbr

  • Lead security risk in a fast-paced global organisation from the ground up
  • Based in HK, SG or KL to join a growing team
  • Hybrid working, top management, competitive pay + bonus



A dynamic and rapidly expanding global financial services organisation is looking for a Cyber Security Risk Manager to lead its security risk efforts across international operations. Known for its innovative approach and agile culture, this is your chance to drive meaningful change in a high-performance environment that values curiosity, collaboration, and continuous improvement.


About the role:

  • Design and evolve a scalable IT Risk Management framework in line with leading global standards (ISO 31000, ISO 27001, NIST, DORA, PCI DSS)
  • Conduct comprehensive security risk assessments across systems, infrastructure, and business operations
  • Resolve audit findings by strengthening internal controls and embedding proactive risk mitigation practices
  • Partner with internal stakeholders to prepare for regulatory and client audits
  • Refine and uphold IT security policies and governance across the organisation
  • Collaborate closely with IT, Risk, and Compliance teams to cultivate a risk-aware culture


About You:

  • Proven experience in IT security risk management, audit, or cybersecurity governance
  • Strong working knowledge of risk and compliance frameworks, as well as regulatory obligations
  • Able to interpret complex risk scenarios and explain them clearly to both technical and non-technical audiences
  • Detail-oriented with strong organisational skills and the ability to juggle multiple priorities
  • Collaborative and pragmatic, with experience working in fast-paced or complex enterprise environments
  • A mindset focused on practical outcomes and continuous improvement



Apply now!

Seniority level
  • Seniority level Mid-Senior level
Employment type
  • Employment type Full-time
Job function
  • Job function Information Technology, Management, and Other
  • Industries Capital Markets, Financial Services, and Investment Management

Referrals increase your chances of interviewing at Emmbr by 2x

Get notified about new Risk Manager jobs in Hong Kong SAR .

Operational Risk Specialist (Third party risk) Japanese Speaking Business Development Officer (30K-35K X 13) - corporate governance / internal control / risk management / legal / compliance (Lai Chi Kok)

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

#J-18808-Ljbffr
This advertiser has chosen not to accept applicants from your region.

IT Risk & Assurance Manager

TG Hong Kong

Posted 7 days ago

Job Viewed

Tap Again To Close

Job Description

2 days ago Be among the first 25 applicants

Our client is a top-tier consultancy renowned for delivering strategic advisory, audit, and risk management services to Fortune 500 companies, financial institutions, and government entities. With a strong presence across Asia-Pacific, they are committed to innovation, integrity, and excellence.

Key Responsibilities

As an IT Risk & Assurance Manager, you will play a pivotal role in helping clients navigate complex technology risks and regulatory landscapes.

Your responsibilities will include:

Audit Leadership:

  • Lead and execute IT audits, including general controls, application controls, and cybersecurity assessments
  • Oversee third-party assurance engagements (SOC 1, SOC 2, ISAE/SSAE 3402)

Risk & Compliance Advisory:

  • Advise clients on IT governance, risk management, and regulatory compliance (e.g., MAS TRM, ABS Outsourcing Guidelines)
  • Conduct risk assessments and develop mitigation strategies for IT infrastructure and business applications

Transaction Support:

  • Perform IT due diligence for mergers, acquisitions, and divestitures
  • Evaluate technology risks and integration challenges during deal execution

Stakeholder Engagement:

  • Collaborate with senior executives, internal audit teams, and external regulators
  • Present findings and recommendations to client leadership with clarity and impact

Team Development:

  • Mentor junior staff and contribute to knowledge sharing across the practice
  • Support business development initiatives and proposal writing

Qualifications & Experience

  • Bachelor’s degree in Information Systems, Computer Science, or related field
  • Professional certifications such as CISA, CISSP, CRISC, or equivalent preferred
  • Minimum 5 years of experience in IT audit, risk, or assurance within consulting or financial services
  • Strong understanding of regulatory frameworks and control standards (e.g., COBIT, ISO 27001)
  • Excellent communication, analytical, and project management skills
  • Fluency in English; Cantonese or Mandarin is a plus

What’s in It for You

  • Work with high-profile clients across diverse industries
  • Be part of a dynamic, collaborative, and forward-thinking team
  • Competitive compensation and career advancement opportunities
  • Exposure to cutting-edge technologies and global best practices
Seniority level
  • Seniority level Mid-Senior level
Employment type
  • Employment type Contract
Job function
  • Job function Consulting
  • Industries IT Services and IT Consulting

Referrals increase your chances of interviewing at TG Hong Kong by 2x

Sign in to set job alerts for “Information Technology Risk Manager” roles. Head of Technology Risk Management, Risk Management Group IT Audit, AM/ Manager (In-house/ Group level) Senior Manager, Risk and Compliance HSIL (HK)

Central & Western District, Hong Kong SAR 1 week ago

Assistant Manager, IT Risk and Compliance (
This advertiser has chosen not to accept applicants from your region.

Senior Manager, IT Security Engineering

Hong Kong, Hong Kong PCCW

Posted 9 days ago

Job Viewed

Tap Again To Close

Job Description

workfromhome

3 days ago Be among the first 25 applicants

Get AI-powered advice on this job and more exclusive features.

Talent Acquisition Lead @ PCCW Media / HKT

We are seeking a seasoned IT Security Engineer with approximately 10 years of experience in cybersecurity, particularly in the design, implementation, and maintenance of security controls across application, platform, and cloud environments. The ideal candidate will have strong technical expertise, hands-on experience with security tools and frameworks, and a proactive mindset to support the organization’s security initiatives.

Your Role

  • Design, engineering, and maintain security controls across on-premise applications, platform, and cloud environments.
  • Collaborate with application, infrastructure, and DevOps teams to integrate security into the system development lifecycle (SDLC).
  • Conduct security assessments, and security architecture reviews to identify and mitigate risks.
  • Support the deployment and tuning of security tools such as SIEM, EDR, vulnerability scanners, and IAM solutions.
  • Monitor emerging threats and recommend appropriate mitigation strategies.
  • Assist in incident response activities, including investigation, containment, and remediation.
  • Document security configurations, procedures, and technical standards.
  • Work closely with internal stakeholders and external vendors to ensure compliance with security policies and regulatory requirements.

To Succeed in this Role

  • About 10 years of experience in cybersecurity, with a focus on security engineering and operations.
  • Solid understanding of security principles, technologies, and best practices across application and infrastructure domains
  • Experience with cloud platform is an advantage
  • Familiarity with cybersecurity frameworks and standards (e.g., NIST, ISO 27001, OWASP, CIS).
  • Hands-on experience with security tools
  • Strong analytical and problem-solving abilities.
  • Effective communication and collaboration skills.
  • Demonstrated ability to drive change and influence across technical and business teams.
  • Relevant certifications such as CISSP, CISM, CCSP, or equivalent are preferred.

Other Preferred Attributes

  • Experience with DevSecOps and secure CICD pipelines.
  • Knowledge of scripting or automation for security operations and reporting
  • Exposure to regulatory and compliance requirements
  • Able to work independently and as part of a cross-functional team
Seniority level
  • Seniority level Mid-Senior level
Employment type
  • Employment type Full-time
Job function
  • Job function Information Technology
  • Industries Information Services, Technology, Information and Media, and Software Development

Referrals increase your chances of interviewing at PCCW by 2x

Get notified about new Information Technology Security Manager jobs in Hong Kong, Hong Kong SAR .

Head of Information Technology (FSI) | HKD 1.5M - 3M Director of IT | Manufacturing | HKD 110K - HKD 150K / mth Associate - Vice President, Infrastructure (IT) Head of Information Technology - Financial Services

Central & Western District, Hong Kong SAR 2 weeks ago

Director, Technology Modernization and Hong Kong Market Head of Infrastructure & Technology Operations (24×7, High-Throughput Platform) Head of Technology Risk Management, Risk Management Group Head of Digital Innovation, PMO & IT Governance Head of Insfrastructure | HKD 100K - HKD 180K / mth | Inhouse + Perm | Trustee / Fund Admin / Custodian background AI Operation & Digital Solution Director - IT Service Provider - 100-120K + B Head of Architecture - Information Technology

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

#J-18808-Ljbffr
This advertiser has chosen not to accept applicants from your region.

Identity & Access Management Lead

PCCW

Posted 9 days ago

Job Viewed

Tap Again To Close

Job Description

3 days ago Be among the first 25 applicants

Talent Acquisition Lead @ PCCW Media / HKT

We are seeking a highly experienced and detail-oriented Senior IAM Specialist with over 12 years of hands-on experience in Identity & Access Management operations. The ideal candidate will have deep expertise in

This advertiser has chosen not to accept applicants from your region.

Assistant IT Quality and Security Manager (Quality Management)

Bank of China (Hong Kong)

Posted 9 days ago

Job Viewed

Tap Again To Close

Job Description

Senior IT Quality and Security Manager (Quality Management)

Join to apply for the Senior IT Quality and Security Manager (Quality Management) role at

This advertiser has chosen not to accept applicants from your region.
Be The First To Know

About the latest Information security Jobs in Hong Kong !

Regional CISO, APAC

Liberty Mutual Insurance

Posted 10 days ago

Job Viewed

Tap Again To Close

Job Description

Get AI-powered advice on this job and more exclusive features.

The Liberty International Insurance (LII) APAC Regional Chief Information Security Officer (CISO) is responsible for providing leadership and strategic alignment to global enterprise security policies and initiatives, whilst enabling the regional and country business goals and initiatives to achieve competitive advantage. The CISO collaborates with a wide variety of stakeholders across the globe and the broader organisation (Tech and non-Tech) to direct the overall planning and execution of enterprise and regional security related initiatives, as well as ensuring security-related BAU activities are executed to a high level of service standards and efficiency. The CISO champions a flexible, highly adaptable and secure operating environment that is responsive to the evolving threat landscape who also focuses on building and maintaining the digital trust. The CISO is expected to be a master communicator who is confident but humble, and capable of speaking effectively with all levels within and outside the organisation. The ideal CISO is a person who focuses on building a synergistic team across the region to collaborate effectively whilst enabling the team to support local market specific needs. The CISO must have a strong technical background and fully understands threats, risk mitigation and technical controls. Last but not least, the CISO assumes accountability for the daily tactical operations and overall strategic execution of the team under their leadership.

Reporting Line:

The CISO reports to the Head of Technology Risk and Cybersecurity for LII APAC and Global Risk Solutions (GRS) Business Information Security Officer (BISO).

About the Department & Team:

The Regional CISO sits within the broader Technology Risk Governance and Cybersecurity Team. The team serves as the guardians of Liberty Mutual’s organization and customer data. As a team dedicated to enable the business, this role and the team supports the delivery of digital transformation and resulting capabilities whilst aligning with corporate security policies and standards. The team champions the design and delivery of a modern tech risk and control testing framework that mitigates & monitors potential risks.

Key Responsibilities:

  • By bringing together the security team across the region, develop and execute a set of regional security goals and roadmap that aligns to global policies and standards to effectively secure and enable the regional business to achieve its strategic objectives, build digital trust with our customer, partner and employee and attain competitive advantage.
  • Work with regional Risk and Compliance teams to ensure compliance with regulatory requirements across the region. Identify synergies across the region and the globe as part of the exercise.
  • Work with regional and country leadership teams to prioritize and execute remediation effort based on severity and impact of gaps identified. Establish a security maturity model that is tracked and adaptable to necessary changes.
  • Engage and collaborate with a wide group of stakeholders, including but not limited to Global Risk Solutions (GRS) BISO team, Global Cyber Security (GCS) teams, Liberty International Insurance (LII) teams, LII APAC Regional Tech Leadership including Tech Risk, Country tech Leadership, as well as department/functional leaders, Risks, Compliance, Legal and Privacy teams across the globe.
  • As key conduit for Global-region-country communications, empower country-level security leadership and encourage open communication with the goal of operating as “one team”. Drive learnings and standardization where practical and relevant.
  • Work with Global/regional/country teams to define clear RACI on key security initiatives, processes, risks and controls.
  • Lead or play a key role in major incidents, disaster recovery and business continuity events to minimize business and customer impact. Ensure lessons learnt are always conducted and applied to foster continuous improvement.
  • Drive a strong security culture across the region through different communication channels and on-going training/awareness program with a view to safeguard virtual and physical information assets.
  • Influence internal and external constituents, and relays best practice recommendations based on the evolving threat landscape to protect intellectual property and ensure compliance.
  • Define regional or monitor globally defined key performance indicators (KPIs) and metrics that align with business initiatives and deliver them to non-technical individuals in an effective, understandable manner.
  • Identify and develop business case on opportunities for security technology advancement to establish highly effective solutions designed to prevent and detect advanced threats to the company networks and systems.
  • Report regularly to senior management and/or boards, keeping them abreast of the threat landscape and the tactical controls and strategic plans to achieve success.
  • Make process improvements and leverage global capabilities to allow for effective automation and orchestration to maximize team talent and streamline routine tasks.
  • As an empathetic leader, respect and work with team members and staff from a diverse background and geographical location. Mentors the security team and places a heavy emphasis on employee retention – is a people-first leader.
  • Engage and manage third party relationships where required and ensure return on investment.
  • Work with relevant teams including business leaders, Legal, Compliance, Privacy, Risk and Procurement to ensure Third- and Forth-party security management practices are in place as part of onboarding as well as on-going monitoring.
  • Work with business units towards defined standard on responsible use of artificial intelligence (AI) and machine learning (ML).
  • Optimizes and secures cloud infrastructure and applications required to support a dispersed remote workforce.

Skills and Experience:

  • Bachelor's degree in Computer Science, Information Assurance, MIS or related field, or equivalent. MBA or Master’s degree in Information Assurance / Technology is preferred.
  • Preferably 10-15+ years’ management experience, with 5-8+ years’ technical hands-on security, audit and risk management practitioner experience.
  • At least 5 years’ experience working with business leaders holding fiscal responsibilities.
  • CISSP (highly recommended); CISM (preferred) and/or SANS certification a plus.
  • Strong written and oral communication skills across varying levels of the organization.
  • Understanding of service design, delivery concepts and control frameworks.
  • Solid organizational skills and the ability to multi-task, prioritize workloads and delegate responsibilities.
  • Proven ability to receive security team recommendations and act assertively to support objectives.
  • Effective stress management in a constantly changing environment.
  • Highly focused on building and implementing a strong, cohesive team and security culture.
  • Excellent judgment and the ability to make quick decisions when working in complex situations.
  • Forward thinking with strong business acumen and flexibility.
  • Ability to motivate the team to achieve excellence and give credit where it is due.
  • High degree of integrity, trustworthiness and confidence; represents the company and its management team with the highest level of professionalism.
  • Ability to work effectively with a variety of personalities and adapt to effectively reach and develop the team. Uses this skill as well as functional knowledge to both earn and maintain a high level of credibility with the team.
  • Strong believer in enhancing employee skills and promoting training, use of cyber range skill improvement, and breach and attack simulation (BAS) solutions.
  • Requires periodic awareness training for company employees on information security topics and allocates security budget to train technical staff members.
  • Openly supports the organization, the management team and executive leadership team, even during times of adversity.
  • Leads security-related projects from inception to successful completion and is capable of effectively coaching technology staff on appropriate security protocols and needs as they implement new technology into the organization.
Seniority level
  • Seniority level Director
Employment type
  • Employment type Full-time
Job function
  • Job function Information Technology, Strategy/Planning, and Consulting
  • Industries Insurance, Financial Services, and IT Services and IT Consulting

Referrals increase your chances of interviewing at Liberty Mutual Insurance by 2x

Sign in to set job alerts for “Chief Information Security Officer” roles.

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

#J-18808-Ljbffr
This advertiser has chosen not to accept applicants from your region.

Information Security Management Lead

PCCW

Posted 10 days ago

Job Viewed

Tap Again To Close

Job Description

2 days ago Be among the first 25 applicants

Talent Acquisition Lead @ PCCW Media / HKT

We are seeking a highly capable and experienced professional with approximately 10 years of experience in cybersecurity governance, and IT audit and security assessment support. This role focuses on leading security assessments in collaboration with technical teams, reviewing and translating technical findings into clear and impactful reports for clients, regulators, and senior management. The ideal candidate will possess strong analytical skills, excellent communication abilities, and a solid understanding of security controls across various technology domains.

Your Role

  • Lead and coordinate security assessments across infrastructure, applications, and cloud environments, working closely with technical SMEs.
  • Interface with technical teams to understand control implementation and translate findings into governance insights.
  • Prepare high-quality security reports and presentations tailored for client and senior stakeholders.
  • Support responses to client and regulatory security inquiries, ensuring accuracy, clarity, and timely delivery.
  • Support the development of security reporting and risk metrics
  • Contribute to the development and refinement of security policies, standards, and procedures.
  • Support audit and assessment activities, including evidence collection and coordination with internal teams.
  • Promote security awareness and contribute to training initiatives across the organization.

To Succeed in this Role

  • Minimum 10 years of experience in cybersecurity governance, technology risk, or audit-related roles.
  • Strong understanding of security controls across infrastructure, application, and cloud domains.
  • Proven ability to work with technical teams and translate technical content into business-friendly reporting.
  • Experience in preparing client-facing documentation and presentations.
  • Excellent written and verbal communication skills in English.
  • Familiarity with regulatory frameworks and standards (e.g., ISO 27001, NIST, CIS).
  • Relevant certifications such as CISM, CRISC, ISO 27001 Lead Implementer, or equivalent are preferred.

Preferred Attributes

  • Experience in regulated industries such as finance, healthcare, or insurance.
  • Strong stakeholder engagement and coordination skills.
  • Detail-oriented with a proactive and structured approach to governance.
  • Familiarity with GRC
Seniority level
  • Seniority level Mid-Senior level
Employment type
  • Employment type Full-time
Job function
  • Job function Information Technology
  • Industries Software Development, Information Services, and Technology, Information and Media

Referrals increase your chances of interviewing at PCCW by 2x

Get notified about new Information Security Specialist jobs in Hong Kong, Hong Kong SAR .

Information Technology Cybersecurity Analyst / Specialist Cybersecurity Detection and Response Analyst Technology Consulting - Cyber Security - Security Governance - Senior Associate - Hong Kong Principal IT Lead (Information Security) (Ref: IT-ISNS-PITL-IS-LI)) Sr. Analyst, IAM & Cloud Security Engineering, IT

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

#J-18808-Ljbffr
This advertiser has chosen not to accept applicants from your region.

Cyber Security Analyst - Group Chief Information Officer

HSBC

Posted 12 days ago

Job Viewed

Tap Again To Close

Job Description

Cyber Security Analyst - Group Chief Information Officer

Join to apply for the Cyber Security Analyst - Group Chief Information Officer role at HSBC

Job Description

Some careers shine brighter than others. If you’re looking for a career that will help you stand out, join HSBC and fulfill your potential. Whether you want a career that could take you to the top or simply take you in an exciting new direction, HSBC offers opportunities, support, and rewards that will take you further.

Our GCIO organization plays a critical role for the

This advertiser has chosen not to accept applicants from your region.
 

Nearby Locations

Other Jobs Near Me

Industry

  1. request_quote Accounting
  2. work Administrative
  3. eco Agriculture Forestry
  4. smart_toy AI & Emerging Technologies
  5. school Apprenticeships & Trainee
  6. apartment Architecture
  7. palette Arts & Entertainment
  8. directions_car Automotive
  9. flight_takeoff Aviation
  10. account_balance Banking & Finance
  11. local_florist Beauty & Wellness
  12. restaurant Catering
  13. volunteer_activism Charity & Voluntary
  14. science Chemical Engineering
  15. child_friendly Childcare
  16. foundation Civil Engineering
  17. clean_hands Cleaning & Sanitation
  18. diversity_3 Community & Social Care
  19. construction Construction
  20. brush Creative & Digital
  21. currency_bitcoin Crypto & Blockchain
  22. support_agent Customer Service & Helpdesk
  23. medical_services Dental
  24. medical_services Driving & Transport
  25. medical_services E Commerce & Social Media
  26. school Education & Teaching
  27. electrical_services Electrical Engineering
  28. bolt Energy
  29. local_mall Fmcg
  30. gavel Government & Non Profit
  31. emoji_events Graduate
  32. health_and_safety Healthcare
  33. beach_access Hospitality & Tourism
  34. groups Human Resources
  35. precision_manufacturing Industrial Engineering
  36. security Information Security
  37. handyman Installation & Maintenance
  38. policy Insurance
  39. code IT & Software
  40. gavel Legal
  41. sports_soccer Leisure & Sports
  42. inventory_2 Logistics & Warehousing
  43. supervisor_account Management
  44. supervisor_account Management Consultancy
  45. supervisor_account Manufacturing & Production
  46. campaign Marketing
  47. build Mechanical Engineering
  48. perm_media Media & PR
  49. local_hospital Medical
  50. local_hospital Military & Public Safety
  51. local_hospital Mining
  52. medical_services Nursing
  53. local_gas_station Oil & Gas
  54. biotech Pharmaceutical
  55. checklist_rtl Project Management
  56. shopping_bag Purchasing
  57. home_work Real Estate
  58. person_search Recruitment Consultancy
  59. store Retail
  60. point_of_sale Sales
  61. science Scientific Research & Development
  62. wifi Telecoms
  63. psychology Therapy
  64. pets Veterinary
View All Information Security Jobs