179 Information Security jobs in Hong Kong

Information Security Architect

Allianz Global Investors

Posted 3 days ago

Job Viewed

Tap Again To Close

Job Description

Get AI-powered advice on this job and more exclusive features.

Join us. Let’s care for tomorrow. At Allianz Global Investors we foster a culture of professionalism, fulfilment, and an inclusive working environment. Do you want to be part of a leading active asset management company? Then join us now as Information Security Architect in Hong Kong within the Information Security team.

What You Will Do
  • Support of the continuous development and improvement of our global information security programme (including frameworks, processes, and tool sets) with a focus on security architecture and governance
  • Conduct Security Architecture reviews based on industry-best practise, including threat modelling of systems and applications in scope as a vehicle to identify and communicate security risks
  • Prepare and moderate regional security governance forums and status meetings, having modern and future-proof collaboration models in mind
  • Act as a regional security point of conduct for auditors and business partners
  • Driving our global security training and phishing exercises and conducting regional security awareness measures as part of our communication concept
  • Work closely with a distributed team of Information Security, IAM and Cybersecurity professionals across Asia and Europe
What You Bring
  • Deep expertise and proven experience in Information Security Management, including frameworks, regulations and security architecture
  • 3-7 years of professional experience in information security/cybersecurity with specific industry qualifications (e.g., CISSP, CISM, CISA)
  • Hands-on experience in developing solutions, such as relevant guidelines and operating procedures on the basis of best-practices, business needs and regulatory requirements as well es respective methodologies for control testing
  • Experience in the identification of security risks as well as threat modelling based on internationally recognized frameworks, including the advisory on possible mitigating and controlling measures and architectures.
  • Proven track record in working with diverse and distributed global teams, as well as excellent communication and interpersonal skills (communicating and reporting sophisticated technical concepts to business and risk partners)
  • Experience interacting directly with senior stakeholders (C-Suite, Board and Regulators)
  • Experience balancing multiple concurrent projects and priorities communicating and committing to realistic deadlines, showcasing a structured way of working
  • Proficiency in English is a must, additional proficiency in Mandarin preferred and additional language skills are a plus
What We Offer
  • Balanced work environment: A dynamic office culture that supports flexibility and collaboration
  • Securing your future: Access to pension, retirement, and/or savings plans as applicable to the work location
  • Shared success: Company share purchasing plan
  • Support for what matters: Mental health and wellbeing programs
  • Investments in your career: Career opportunities within the entire Allianz Group
  • Investments in your skills: Comprehensive learning and development offerings, including certifications and professional qualifications
  • … and so much more!
About Allianz Global Investors

Allianz Global Investors is a leading global active asset manager. We invest for the long term and want to create value for clients every step of the way. We do this by being active – in how we partner with clients and anticipate their needs, and build solutions based on capabilities across public and private markets. Our focus on enhancing our clients’ assets leads naturally to a commitment to sustainability for positive change. Our goal is to enhance the investment experience for clients, whatever their location or goals. Putting our clients' needs first, behaving in a transparent way and treating people fairly means acting with integrity. We encourage a collegial culture, that supports individual responsibility. We invest in the development of our employees to maximize the power of innovation. We at Allianz believe in a diverse and inclusive workforce, we are committed to the principles of Equal Employment Opportunity and to helping applicants with any disabilities. We encourage you to bring your whole self to work, no matter where you are from, what you look like, who you love or what you believe in. We therefore welcome applications regardless of ethnicity or cultural background, age, gender, nationality, religion, disability or sexual orientation.

If you feel inspired to promote the active asset management experience, this is the place for you. Join our diverse, international, technology-enabled, and agile environment. Simply upload your CV in English to apply for this position! If you need support to navigate our websites or at any stage during your application, please send an email with your request to

To Recruitment Agencies Allianz Global Investors has an in-house recruitment team that sources great candidates directly. Therefore, Allianz Global Investors does not accept unsolicited resumes from agency or search firm recruiters. When we do work with recruitment agencies, that engagement is formalized by a contract. Fees will only be paid when there is a contract in place. Without a contract in place, we will not accept invoices on unsolicited resumes, even if the candidate was ultimately employed by Allianz Global Investors. Finally, please do not contact hiring managers directly.

Location: Sha Tin District, Hong Kong SAR; Job type: Full-Time | Permanent

#J-18808-Ljbffr
This advertiser has chosen not to accept applicants from your region.

Information Security Officer (1-year Renewable Contract)

PCCW

Posted 3 days ago

Job Viewed

Tap Again To Close

Job Description

Overview

We are seeking a diligent and proactive Information Security Officer to oversee and maintain the operational integrity, security, and compliance of our secured room facilities. This role supports ongoing monitoring, access control, and administrative processes to ensure safety and regulatory compliance.

Your Role
  • Conduct monthly inspection of access logs and CCTV reviews to ensure adherence to security protocols.
  • Manage user access applications on a bi-weekly or ad hoc basis, in line with corporate access governance procedures.
  • Complete and maintain a monthly secured room checklist , covering physical and operational controls.
  • Perform monthly access inventory assessments , including user recertification activities.
  • Address administrative and technical issues such as network or hardware incidents on an ad hoc basis.
  • Coordinate monitoring and inspection of the Foshan secured room (monthly and as needed).
  • Perform daily monitoring of security guard performance and escalate concerns when appropriate.
  • Assist in implementing security control enhancements such as mobile device management (MDM), two-factor authentication (2FA), and ID verification improvements.
To Succeed in this Role
  • Diploma or degree holder with 1-2 years of relevant working experience.
  • Familiarity with security monitoring tools and technologies, including CCTV systems and access logs will be a plus.
  • Excellent analytical and problem-solving skills, with the ability to address technical issues effectively.
  • Strong organizational skills and attention to detail, with the ability to manage multiple tasks and priorities.
  • Ability to work independently and as part of a team in a fast-paced environment.
Role Details
  • Seniority level: Associate
  • Employment type: Full-time
  • Job function: Administrative
  • Industries: Software Development and Technology, Information and Media

#J-18808-Ljbffr
This advertiser has chosen not to accept applicants from your region.

Senior Manager, IT Security Engineering

Hong Kong, Hong Kong PCCW

Posted 3 days ago

Job Viewed

Tap Again To Close

Job Description

workfromhome

3 days ago Be among the first 25 applicants

Get AI-powered advice on this job and more exclusive features.

Talent Acquisition Lead @ PCCW Media / HKT

We are seeking a seasoned IT Security Engineer with approximately 10 years of experience in cybersecurity, particularly in the design, implementation, and maintenance of security controls across application, platform, and cloud environments. The ideal candidate will have strong technical expertise, hands-on experience with security tools and frameworks, and a proactive mindset to support the organization’s security initiatives.

Your Role

  • Design, engineering, and maintain security controls across on-premise applications, platform, and cloud environments.
  • Collaborate with application, infrastructure, and DevOps teams to integrate security into the system development lifecycle (SDLC).
  • Conduct security assessments, and security architecture reviews to identify and mitigate risks.
  • Support the deployment and tuning of security tools such as SIEM, EDR, vulnerability scanners, and IAM solutions.
  • Monitor emerging threats and recommend appropriate mitigation strategies.
  • Assist in incident response activities, including investigation, containment, and remediation.
  • Document security configurations, procedures, and technical standards.
  • Work closely with internal stakeholders and external vendors to ensure compliance with security policies and regulatory requirements.

To Succeed in this Role

  • About 10 years of experience in cybersecurity, with a focus on security engineering and operations.
  • Solid understanding of security principles, technologies, and best practices across application and infrastructure domains
  • Experience with cloud platform is an advantage
  • Familiarity with cybersecurity frameworks and standards (e.g., NIST, ISO 27001, OWASP, CIS).
  • Hands-on experience with security tools
  • Strong analytical and problem-solving abilities.
  • Effective communication and collaboration skills.
  • Demonstrated ability to drive change and influence across technical and business teams.
  • Relevant certifications such as CISSP, CISM, CCSP, or equivalent are preferred.

Other Preferred Attributes

  • Experience with DevSecOps and secure CICD pipelines.
  • Knowledge of scripting or automation for security operations and reporting
  • Exposure to regulatory and compliance requirements
  • Able to work independently and as part of a cross-functional team
Seniority level
  • Seniority level Mid-Senior level
Employment type
  • Employment type Full-time
Job function
  • Job function Information Technology
  • Industries Information Services, Technology, Information and Media, and Software Development

Referrals increase your chances of interviewing at PCCW by 2x

Get notified about new Information Technology Security Manager jobs in Hong Kong, Hong Kong SAR .

Head of Information Technology (FSI) | HKD 1.5M - 3M Director of IT | Manufacturing | HKD 110K - HKD 150K / mth Associate - Vice President, Infrastructure (IT) Head of Information Technology - Financial Services

Central & Western District, Hong Kong SAR 2 weeks ago

Director, Technology Modernization and Hong Kong Market Head of Infrastructure & Technology Operations (24×7, High-Throughput Platform) Head of Technology Risk Management, Risk Management Group Head of Digital Innovation, PMO & IT Governance Head of Insfrastructure | HKD 100K - HKD 180K / mth | Inhouse + Perm | Trustee / Fund Admin / Custodian background AI Operation & Digital Solution Director - IT Service Provider - 100-120K + B Head of Architecture - Information Technology

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

#J-18808-Ljbffr
This advertiser has chosen not to accept applicants from your region.

Information Security Management Lead

PCCW

Posted 4 days ago

Job Viewed

Tap Again To Close

Job Description

2 days ago Be among the first 25 applicants

Talent Acquisition Lead @ PCCW Media / HKT

We are seeking a highly capable and experienced professional with approximately 10 years of experience in cybersecurity governance, and IT audit and security assessment support. This role focuses on leading security assessments in collaboration with technical teams, reviewing and translating technical findings into clear and impactful reports for clients, regulators, and senior management. The ideal candidate will possess strong analytical skills, excellent communication abilities, and a solid understanding of security controls across various technology domains.

Your Role

  • Lead and coordinate security assessments across infrastructure, applications, and cloud environments, working closely with technical SMEs.
  • Interface with technical teams to understand control implementation and translate findings into governance insights.
  • Prepare high-quality security reports and presentations tailored for client and senior stakeholders.
  • Support responses to client and regulatory security inquiries, ensuring accuracy, clarity, and timely delivery.
  • Support the development of security reporting and risk metrics
  • Contribute to the development and refinement of security policies, standards, and procedures.
  • Support audit and assessment activities, including evidence collection and coordination with internal teams.
  • Promote security awareness and contribute to training initiatives across the organization.

To Succeed in this Role

  • Minimum 10 years of experience in cybersecurity governance, technology risk, or audit-related roles.
  • Strong understanding of security controls across infrastructure, application, and cloud domains.
  • Proven ability to work with technical teams and translate technical content into business-friendly reporting.
  • Experience in preparing client-facing documentation and presentations.
  • Excellent written and verbal communication skills in English.
  • Familiarity with regulatory frameworks and standards (e.g., ISO 27001, NIST, CIS).
  • Relevant certifications such as CISM, CRISC, ISO 27001 Lead Implementer, or equivalent are preferred.

Preferred Attributes

  • Experience in regulated industries such as finance, healthcare, or insurance.
  • Strong stakeholder engagement and coordination skills.
  • Detail-oriented with a proactive and structured approach to governance.
  • Familiarity with GRC
Seniority level
  • Seniority level Mid-Senior level
Employment type
  • Employment type Full-time
Job function
  • Job function Information Technology
  • Industries Software Development, Information Services, and Technology, Information and Media

Referrals increase your chances of interviewing at PCCW by 2x

Get notified about new Information Security Specialist jobs in Hong Kong, Hong Kong SAR .

Information Technology Cybersecurity Analyst / Specialist Cybersecurity Detection and Response Analyst Technology Consulting - Cyber Security - Security Governance - Senior Associate - Hong Kong Principal IT Lead (Information Security) (Ref: IT-ISNS-PITL-IS-LI)) Sr. Analyst, IAM & Cloud Security Engineering, IT

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

#J-18808-Ljbffr
This advertiser has chosen not to accept applicants from your region.

Senior/Junior Information Security Consultant (Governance, Risk and Compliance)

wizlynx group

Posted 5 days ago

Job Viewed

Tap Again To Close

Job Description

Senior/Junior Information Security Consultant (Governance, Risk and Compliance) Location: Hong Kong

Job Summary and Mission

This position contributes to the success of wizlynx group by performing the following:

  • Responsible for development and operational activities across the entire scope of our clients Security Governance, Risk and Compliance programs.
  • The job encompasses leading and participating in the assessment of security, risks, and control effectiveness for applications, infrastructure, and technology projects. The Specialist will identify, classify, and document control issues in our clients computing environment by documenting assessment results, recommending corrective action, tracking remediation, evaluating policy and control standard exceptions, and regularly reporting to our clients IT management.
  • Serve as the primary contact point for issue escalation.
  • Manage service support requirements and ensure that quality plan, KPIs/SLAs are met.
  • Draft support SOP and documentation.
  • Models and acts in accordance with wizlynx group guiding principles.

With this position, you will also have the opportunity to get introduced to different areas of information and cyber security such as Offensive Security & Penetration Testing.

Summary of Key Responsibilities

  • Leads IT control assessments for our clients to ensure effective IT controls are in place to meet operational and compliance requirements.
  • Works with our clients IT, Internal Audit, Compliance and other key stakeholders to create an IT GRC strategy that complies with professional standards and addresses the IT risks inherent in our client’s operations and industry.
  • Develops Vendor Risk Management policies and supports client’s risk profile assessment for vendor onboarding process and conducts annual review of critical vendors.
  • Performs ongoing logical access reviews and recommends updates to access control privileges to ensure proper Segregation of Duties based on user access reviews.
  • Effectively reports and communicates testing results to client’s IT management for corrective action, where required.
  • Conducts information security awareness training.
  • Performs evidence collection and project management assistance of our clients annual compliance (e.g. CREST, PCI DSS) certification program.
  • Track and monitor risk exceptions to ensure control deviations are identified and mitigating controls are in place.
  • Assist our clients with drafting and maintaining information security policies.
  • Provides mentoring for other team members.
  • Demonstrates excellent project management skills, inspires teamwork and responsibility with engagement team members, and uses current technology/tools to enhance the effectiveness of deliverables and services.
  • Facilitates the performance and testing of our client’s annual disaster recovery tests and business continuity plans.

Summary of Ideal Experience, Skills, Knowledge, and Abilities

Ideal Experience

a) Senior GRC role:
A minimum of five years of experience in information security audit or in a technology-related audit or compliance field, and strong knowledge base in operations, enterprise networking, system evaluation/architecture and consulting experience preferred.

b) Junior GRC role:
One to two years of experience in information security audit or in a technology-related audit or compliance field, and strong knowledge base in operations, enterprise networking, system evaluation/architecture and consulting experience preferred.

  • Strong understanding of and ability to provide security configuration and testing of networking and operating systems including TCP/IP, WAN/LAN routing, VLAN architecture, and a wide array of large-scale environments including various major web application servers.
  • Strong understanding of information security principles such as ISO 27001, HKMA CFI, CRAF, HK SFC, HKIA Guideline on Cybersecurity (GL20), PCI-DSS, PDPO, and other regulatory compliance.

Language Skills

  • Fluent technical English (speech and writing).
  • Ability to communicate clearly and concisely, both orally and in writing, in local language.

Soft Skills

  • Excellent team leadership, team oriented and team player who takes ownership.
  • Flexible attitude, reliable, action oriented.
  • Customer friendly approach and appearance.
  • Willingness to travel.
  • Innovative to push new ideas, dynamic and forward looking with clear management principle towards the team.
  • Able to work independently, critical thinking and be able to communicate effectively with the support team and customers.
  • Enjoys working in global team with different cultures.

Technical Skills and Abilities

  • Microsoft OS and Office knowledge.
  • Technical document writing.
  • Experience in Project Management in IT.
  • Knowledge in perimeter firewall infrastructure and VPN remote access.

Summary of Education

  • Bachelor's degree from an accredited college/university in an appropriate field.

Certifications / Training

  • CISM, CISA, CRISC, CISSP certified.

KEY PERFORMANCE INDICATORS / MEASURES OF SUCCESS

  • Achieve agreed targets/SLA/KPI in terms of quality, time and cost.
  • Lead team members to achieve team/organizational goals.
  • Improve and retain high customer satisfaction.

POTENTIAL CAREER DEVELOPMENT

  • Advance to higher business development tiers or geographic reach.
APPLY NOW

Your Full Name

Your Email

Upload Resume

I grant wizlynx group my consent to the processing of my personal information for the job application purposes.

#J-18808-Ljbffr
This advertiser has chosen not to accept applicants from your region.

Web3 Security Data Analyst

Hong Kong, Hong Kong Binance

Posted 7 days ago

Job Viewed

Tap Again To Close

Job Description

workfromhome

Join to apply for the Web3 Security Data Analyst role at Binance .

Binance is a leading global blockchain ecosystem behind the world’s largest cryptocurrency exchange by trading volume and registered users. We are trusted by over 280 million people in 100+ countries for our industry-leading security, user fund transparency, trading engine speed, deep liquidity, and an unmatched portfolio of digital-asset products. Binance offerings range from trading and finance to education, research, payments, institutional services, Web3 features, and more. We leverage the power of digital assets and blockchain to build an inclusive financial ecosystem to advance the freedom of money and improve financial access for people around the world.

Responsibilities
  • Analyze large-scale on-chain data to identify anomalous transactions and develop robust detection mechanisms
  • Enhance transaction detection capabilities across networks and refine risk monitoring frameworks
  • Use community discovery algorithms to identify associated malicious accounts and provide actionable intelligence
  • Design a comprehensive data prevention and control system integrating on-chain and off-chain data sources
  • Utilize supervised and unsupervised machine learning techniques to identify anomalous patterns (e.g. irregular transaction volumes, unusual wallet behaviors, atypical token movements) across decentralized networks
Requirements
  • Over 5 years of experience in blockchain, anti-fraud, risk control, or related fields, strong analytical skills and attention to detail
  • Proficient in SQL and experienced in using Python and Spark/Flink; solid understanding of common data mining and machine learning algorithms
  • Strong problem-solving and goal-oriented mindset with a proactive learning attitude; keen interest in Web3 security
  • Ability to work collaboratively in a fast-paced, dynamic environment
  • Fluency in English is required to be able to coordinate with overseas partners and stakeholders
  • Knowledge of blockchain and familiarity with on-chain data are considered strong pluses
Why Binance
  • Shape the future with the world’s leading blockchain ecosystem
  • Collaborate with world-class talent in a user-centric global organization with a flat structure
  • Tackle unique, fast-paced projects with autonomy in an innovative environment
  • Thrive in a results-driven workplace with opportunities for career growth and continuous learning
  • Competitive salary and company benefits
  • Work-from-home arrangement (the arrangement may vary depending on the work nature of the business team)

Binance is committed to being an equal opportunity employer. We believe that having a diverse workforce is fundamental to our success.

By submitting a job application, you confirm that you have read and agree to our Candidate Privacy Notice .

Seniority level
  • Mid-Senior level
Employment type
  • Full-time
Job function
  • Information Technology and Engineering
Industries
  • Technology, Information and Internet

#J-18808-Ljbffr
This advertiser has chosen not to accept applicants from your region.

Linux Cryptography and Security Engineer

Hong Kong, Hong Kong Canonical

Posted 8 days ago

Job Viewed

Tap Again To Close

Job Description

workfromhome
Linux Cryptography and Security Engineer

Join to apply for the Linux Cryptography and Security Engineer role at Canonical

Linux Cryptography and Security Engineer

3 days ago Be among the first 25 applicants

Join to apply for the Linux Cryptography and Security Engineer role at Canonical

This is a unique opportunity to use your software engineering and cryptography skills to build and maintain the security foundation that enables Ubuntu and its users to operate securely and remain compliant to international information security standards such as FIPS 140-3 and Common Criteria. You will use your applied cryptography, Linux Security, and coding skills to enhance the Ubuntu distribution and work with organizations such as DISA and CIS to draft and implement security hardening benchmarks for Ubuntu.

As a member of the Security Hardening team you will work with and develop automation tooling to audit deployed systems for DISA-STIG and CIS benchmark compliance. You will interact with internal and external stakeholders to identify gaps in our frameworks, and develop new solutions to address these challenges. In this role you will have the opportunity to influence team and security culture, facilitate technical delivery, and help drive team direction and execution. You'll collaborate closely with Canonical's kernel team as well as the wider engineering organization to drive features impacting all Ubuntu users.

Day-to-day responsibilities

  • Collaborate with other engineers in the Security Hardening team to achieve and retain various Security certifications
  • Extend and enhance Linux cryptographic components (OpenSSL, Libgcrypt, GnuTLS, and others) with the features and functionality required for FIPS and CC certification
  • Collaborate with external security consultants to test and validate kernel and crypto module components
  • Work with external partners to develop security hardening benchmarks and audit + remediation automation for Ubuntu
  • Contribute to Ubuntu mainline and upstream projects to land solutions and benefit the community
  • Communication and collaboration within and outside Canonical to identify opportunities to improve our security posture, rapidly resolve issues, and deliver high-quality solutions on schedule

What we are looking for in you

  • Hands-on experience with low-level Linux cryptography APIs and debugging
  • Excellent software engineering fundamentals, including prior experience with C development, and the ability to demonstrate such
  • Hands-on experience with Linux system administration and shell scripting
  • Demonstrated knowledge of security and cryptography fundamentals + direct experience writing secure code and implementing best practices
  • Significant development experience working with open source libraries
  • Excellent verbal and written communications to enable efficient collaboration with internal and external partners in a remote-first environment

Additional Skills That You Might Also Bring

  • Prior experience working on FIPS/Common Criteria certified products and in-depth knowledge of the underlying standards
  • Prior experience working directly with DISA-STIG or CIS benchmarks, including related audit + remediation tooling (e.g. Compliance as Code)
  • Experience working directly with Linux Kernel
  • Prior experience with Python, OVAL (Open Vulnerability Assessment Language), and Ansible
  • History of contributions to open source projects

What we offer you

We consider geographical location, experience, and performance in shaping compensation worldwide. We revisit compensation annually (and more often for graduates and associates) to ensure we recognise outstanding performance. In addition to base pay, we offer a performance-driven annual bonus. We provide all team members with additional benefits, which reflect our values and ideals. We balance our programs to meet local needs and ensure fairness globally.

  • Distributed work environment with twice-yearly team sprints in person - we've been working remotely since 2004!
  • Personal learning and development budget of USD 2,000 per year
  • Annual compensation review
  • Recognition rewards
  • Annual holiday leave
  • Maternity and paternity leave
  • Employee Assistance Programme
  • Opportunity to travel to new locations to meet colleagues from your team and others
  • Priority Pass for travel and travel upgrades for long haul company events

About Canonical

Canonical is a pioneering tech firm that is at the forefront of the global move to open source. As the company that publishes Ubuntu, one of the most important open source projects and the platform for AI, IoT and the cloud, we are changing the world on a daily basis. We recruit on a global basis and set a very high standard for people joining the company. We expect excellence - in order to succeed, we need to be the best at what we do.

Canonical has been a remote-first company since its inception in 2004. Work at Canonical is a step into the future, and will challenge you to think differently, work smarter, learn new skills, and raise your game. Canonical provides a unique window into the world of 21st-century digital business.

Canonical is an equal opportunity employer

We are proud to foster a workplace free from discrimination. Diversity of experience, perspectives, and background create a better work environment and better products. Whatever your identity, we will give your application fair consideration.

Seniority level
  • Seniority level Entry level
Employment type
  • Employment type Full-time
Job function
  • Job function Information Technology
  • Industries Software Development

Referrals increase your chances of interviewing at Canonical by 2x

Get notified about new Security Engineer jobs in Hong Kong SAR .

Hong Kong SAR $28,000.00-$5,500.00 3 weeks ago

Hong Kong, Hong Kong SAR SGD24,000.00-SGD60,000.00 1 month ago

Hong Kong SAR 4,800.00- 7,200.00 2 weeks ago

Hong Kong, Hong Kong SAR SGD72,000.00-SGD120,000.00 1 month ago

Software Developer (C++/ Crypto Trading) Software Engineer - Solutions Engineering Software Engineer (Python/Linux/Packaging) Software Engineer - Cross-platform C++ - Multipass

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

#J-18808-Ljbffr
This advertiser has chosen not to accept applicants from your region.
Be The First To Know

About the latest Information security Jobs in Hong Kong !

Ubuntu Security Engineer

Hong Kong, Hong Kong Canonical

Posted 8 days ago

Job Viewed

Tap Again To Close

Job Description

workfromhome

Join to apply for the Ubuntu Security Engineer role at Canonical

3 days ago Be among the first 25 applicants

Join to apply for the Ubuntu Security Engineer role at Canonical

Get AI-powered advice on this job and more exclusive features.

Canonical is a leading provider of open source software and operating systems to the global enterprise and technology markets. Our platform, Ubuntu, is very widely used in breakthrough enterprise initiatives such as public cloud, data science, AI, engineering innovation, and IoT. Our customers include the world's leading public cloud and silicon providers, and industry leaders in many sectors. The company is a pioneer of global distributed collaboration, with 1200+ colleagues in 75+ countries and very few office-based roles. Teams meet two to four times yearly in person, in interesting locations around the world, to align on strategy and execution.

The company is founder-led, profitable, and growing.

Canonical is building a team dedicated to providing security coverage across a wide range of ecosystems and environments, working to make the world a better, safer place. We are hiring an Ubuntu Security Engineer to join an industry-leading security engineering team and help protect the open source community and Ubuntu users from emerging threats. We are looking for candidates across all levels of experience, from Graduate to Senior.

As part of the Ubuntu Security Team, you will work with some of the best and brightest people in technology to monitor, triage, respond to, and document new and existing vulnerabilities in open source software. You will collaborate with internal teams and external partners to identify issues, prioritize them, and coordinate remediation.

This is an engineering-focused role that may also involve activities such as producing security assessments, building features, conducting code reviews, developing internal tools, engaging with the open source community, and participating in industry initiatives and events.

This role requires international travel at least twice a year, usually for one week. It also requires the ability to be productive in a globally distributed team through self-discipline and self-motivation.

Location: Worldwide, this is a globally remote role

The role entails

  • Analyzing, fixing, and testing vulnerabilities in open source packages
  • Keeping track of vulnerabilities in the Ubuntu ecosystem as they are discovered, researched, and fixed, leveraging internal tools
  • Collaborating with other teams in the Ubuntu community and upstream developers, as needed, to exchange or develop vulnerability patches and ensure that Ubuntu includes the most robust security features
  • Auditing source code for vulnerabilities
  • Building features and tools to help teams strengthen the security of their products and contribute to the overall security of Ubuntu

What we are looking for in you

  • You have a thorough understanding of the common categories of security vulnerabilities and techniques for fixing them
  • You are familiar with coordinated disclosure practices
  • You are familiar with open source development tools and methodologies
  • You are skilled in one or more of C, Python, Go, Rust, Java, Ruby, PHP or JavaScript/TypeScript
  • You have excellent logic, problem-solving, troubleshooting, and decision-making skills
  • You can clearly and effectively communicate with the team and Ubuntu community members
  • Experience with Linux (Debian or Ubuntu preferred)
  • Excellent interpersonal skills, curiosity, flexibility, and accountability
  • Appreciative of diversity, polite, and effective in a multi-cultural, multi-national organization
  • Thoughtfulness and self-motivation
  • Result-oriented, with a personal drive to meet commitments

What we offer colleagues

We consider geographical location, experience, and performance in shaping compensation worldwide. We revisit compensation annually (and more often for graduates and associates) to ensure we recognize outstanding performance. In addition to base pay, we offer a performance-driven annual bonus or commission. We provide all team members with additional benefits which reflect our values and ideals. We balance our programs to meet local needs and ensure fairness globally.

  • Distributed work environment with twice-yearly team sprints in person
  • Personal learning and development budget of USD 2,000 per year
  • Annual compensation review
  • Recognition rewards
  • Annual holiday leave
  • Maternity and paternity leave
  • Team Member Assistance Program & Wellness Platform
  • Opportunity to travel to new locations to meet colleagues
  • Priority Pass and travel upgrades for long-haul company events

About Canonical

Canonical is a pioneering tech firm at the forefront of the global move to open source. As the company that publishes Ubuntu, one of the most important open-source projects and the platform for AI, IoT, and the cloud, we are changing the world of software. We recruit on a global basis and set a very high standard for people joining the company. We expect excellence; in order to succeed, we need to be the best at what we do. Most colleagues at Canonical have worked from home since our inception in 2004. Working here is a step into the future and will challenge you to think differently, work smarter, learn new skills, and raise your game.

Canonical is an equal opportunity employer

We are proud to foster a workplace free from discrimination. Diversity of experience, perspectives, and background create a better work environment and better products. Whatever your identity, we will give your application fair consideration.

Seniority level
  • Seniority level Entry level
Employment type
  • Employment type Full-time
Job function
  • Job function Information Technology
  • Industries Software Development

Referrals increase your chances of interviewing at Canonical by 2x

Get notified about new Security Engineer jobs in Hong Kong SAR .

Software Engineer (Python/Linux/Packaging)

Hong Kong SAR $4,800.00-$7,200.00 2 weeks ago

Senior Software Engineer - Crypto Trading Infrastructure Site Reliability Engineer (Crypto Trading) Python and Kubernetes Software Engineer - Data, AI/ML & Analytics Python and Kubernetes Software Engineer - Data, Workflows, AI/ML & Analytics Software Engineer - Solutions Engineering

Hong Kong, Hong Kong SAR SGD24,000.00-SGD60,000.00 1 month ago

Embedded Linux Senior Software Engineer - Optimisation Python Software Engineer - Ubuntu Hardware Certification Team Go (Golang) Software Engineer, Developer Tooling and Containers System Software Engineer - Golang compiler, tooling, and ecosystem Software Engineer - Cross-platform C++ - Multipass Golang Software Engineer, Developer Tooling and Containers C++/Rust Graphics and Windowing System Software Engineer - Mir

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

#J-18808-Ljbffr
This advertiser has chosen not to accept applicants from your region.

Security Consultant

Hong Kong, Hong Kong Binance

Posted 8 days ago

Job Viewed

Tap Again To Close

Job Description

workfromhome

Binance is a leading global blockchain ecosystem behind the world’s largest cryptocurrency exchange by trading volume and registered users. We are trusted by over 280 million people in 100+ countries for our industry-leading security, user fund transparency, trading engine speed, deep liquidity, and an unmatched portfolio of digital-asset products. Binance offerings range from trading and finance to education, research, payments, institutional services, Web3 features, and more. We leverage the power of digital assets and blockchain to build an inclusive financial ecosystem to advance the freedom of money and improve financial access for people around the world.

Responsibilities
  • Lead security assessments and audits focusing on mobile applications and blockchain platforms.
  • Ensure the security of iOS applications by applying best practices in SWIFT development and mobile security mechanisms such as secure storage, sandbox isolation, anti-debugging, and Secure Enclave.
  • Conduct security reviews and audits of blockchain technologies, including multi-signature wallets, smart contracts, cryptographic algorithms (ECDSA, EdDSA), and private key management.
  • Collaborate with development teams to identify security risks and recommend mitigation strategies.
  • Provide clear and actionable security guidance, documentation, and training to technical and non-technical stakeholders.
  • Support compliance efforts by aligning security practices with industry standards and regulations.
  • Act as a part-time consultant when needed, offering expert advice and security strategy support.
Requirements
  • Extensive experience in iOS security, familiar with SWIFT.
  • Deep understanding of mobile security mechanisms including secure storage, sandboxing, anti-debugging, and Secure Enclave.
  • Proven ability to secure mobile applications throughout the development lifecycle.
  • Strong knowledge of blockchain technology and security.
  • Experience with multi-signature wallets, smart contract auditing, cryptographic algorithms (ECDSA, EdDSA), and private key management.
Nice-to-have
  • Proficiency in React framework and frontend security, including knowledge of common vulnerabilities such as XSS, CSRF, and SQL injection.
  • Experience reviewing frontend code and providing security optimization recommendations.
  • Familiarity with Go language development and backend security, including API security, data encryption, authentication/authorization (OAuth, JWT), and prevention of vulnerabilities like RCE and DoS.
  • Experience in security auditing and compliance, with knowledge of standards such as OWASP and ISO 27001.
  • Strong communication and consulting skills, capable of working as a part-time advisor, delivering security training, and producing clear documentation.
Why Binance
  • Shape the future with the world’s leading blockchain ecosystem
  • Collaborate with world-class talent in a user-centric global organization with a flat structure
  • Tackle unique, fast-paced projects with autonomy in an innovative environment
  • Thrive in a results-driven workplace with opportunities for career growth and continuous learning
  • Competitive salary and company benefits
  • Work-from-home arrangement (the arrangement may vary depending on the work nature of the business team)

Binance is committed to being an equal opportunity employer. We believe that having a diverse workforce is fundamental to our success. By submitting a job application, you confirm that you have read and agree to our Candidate Privacy Notice.

Seniority level
  • Mid-Senior level
Employment type
  • Contract
Job function
  • Information Technology and Engineering
Industries
  • Technology, Information and Internet

#J-18808-Ljbffr
This advertiser has chosen not to accept applicants from your region.

Senior Application Security Architect

Hong Kong, Hong Kong Binance

Posted 8 days ago

Job Viewed

Tap Again To Close

Job Description

workfromhome

Overview

Binance is a leading global blockchain ecosystem behind the world’s largest cryptocurrency exchange by trading volume and registered users. We are trusted by over 280 million people in 100+ countries for our industry-leading security, user fund transparency, trading engine speed, deep liquidity, and an unmatched portfolio of digital-asset products. Binance offerings range from trading and finance to education, research, payments, institutional services, Web3 features, and more. We leverage the power of digital assets and blockchain to build an inclusive financial ecosystem to advance the freedom of money and improve financial access for people around the world.

Responsibilities
  • Design and implement secure application architectures, considering factors like authentication, authorization, data protection, and vulnerability management etc.
  • Develop and maintain secure coding guidelines and standards.
  • Conduct architectural / security requirement reviews to identify/assess potential security risks and mitigate security risks that may be caused by new products, new functions, bug fixes, etc.
  • Develop and implement security controls and countermeasures to mitigate identified risks.
  • Conduct regular security audits or penetration testing.
  • Ensure compliance with relevant security standards and regulations (e.g., OWASP).
  • Stay up-to-date with the latest security threats and vulnerabilities and incident in the community etc.
  • For the company's product business area, conduct pre-research to deep understand the business and reserve security tech research
  • Gradually form a basis for risk identification based on different products and security solution
  • Communicate security risks and recommendations to stakeholders.
  • Provide guidance and mentorship to the teams on security suggestions and secure coding practices.
Requirements
  • A bachelor's degree or above in computer science or a related field
  • More than 6 years of application security experience or software development, more than 10 years is preferred
  • Strong understanding and execution of software development principles and SDLC
  • Proficient in mainstream Web application development technology, Java-based tech stack is preferred
  • Proficient in the causes and solutions of OWASP TOP 10 security issues
  • Proficient in technical implementation of common security solutions
  • Understand the basic techniques of penetration testing and security testing
  • Familiar with the use of static security scanning tools for code, as well as problem analysis and solution design
  • Understand the basic knowledge of mobile and web security
  • Systematically grasp the formation mechanism of application security vulnerabilities and have the ability to design corresponding solutions (in line with industry best security practices)
  • Understand the thinking of threat modeling and attack surface analysis, actual combat experience is preferred
  • Bilingual English/Mandarin is required to be able to coordinate with overseas partners and stakeholders.
  • Ability to work independently and as part of a team.
  • Strong problem-solving and analytical skills.
Why Binance
  • Shape the future with the world’s leading blockchain ecosystem
  • Collaborate with world-class talent in a user-centric global organization with a flat structure
  • Tackle unique, fast-paced projects with autonomy in an innovative environment
  • Thrive in a results-driven workplace with opportunities for career growth and continuous learning
  • Competitive salary and company benefits
  • Work-from-home arrangement (the arrangement may vary depending on the work nature of the business team)

Binance is committed to being an equal opportunity employer. We believe that having a diverse workforce is fundamental to our success.

#J-18808-Ljbffr
This advertiser has chosen not to accept applicants from your region.
 

Nearby Locations

Other Jobs Near Me

Industry

  1. request_quote Accounting
  2. work Administrative
  3. eco Agriculture Forestry
  4. smart_toy AI & Emerging Technologies
  5. school Apprenticeships & Trainee
  6. apartment Architecture
  7. palette Arts & Entertainment
  8. directions_car Automotive
  9. flight_takeoff Aviation
  10. account_balance Banking & Finance
  11. local_florist Beauty & Wellness
  12. restaurant Catering
  13. volunteer_activism Charity & Voluntary
  14. science Chemical Engineering
  15. child_friendly Childcare
  16. foundation Civil Engineering
  17. clean_hands Cleaning & Sanitation
  18. diversity_3 Community & Social Care
  19. construction Construction
  20. brush Creative & Digital
  21. currency_bitcoin Crypto & Blockchain
  22. support_agent Customer Service & Helpdesk
  23. medical_services Dental
  24. medical_services Driving & Transport
  25. medical_services E Commerce & Social Media
  26. school Education & Teaching
  27. electrical_services Electrical Engineering
  28. bolt Energy
  29. local_mall Fmcg
  30. gavel Government & Non Profit
  31. emoji_events Graduate
  32. health_and_safety Healthcare
  33. beach_access Hospitality & Tourism
  34. groups Human Resources
  35. precision_manufacturing Industrial Engineering
  36. security Information Security
  37. handyman Installation & Maintenance
  38. policy Insurance
  39. code IT & Software
  40. gavel Legal
  41. sports_soccer Leisure & Sports
  42. inventory_2 Logistics & Warehousing
  43. supervisor_account Management
  44. supervisor_account Management Consultancy
  45. supervisor_account Manufacturing & Production
  46. campaign Marketing
  47. build Mechanical Engineering
  48. perm_media Media & PR
  49. local_hospital Medical
  50. local_hospital Military & Public Safety
  51. local_hospital Mining
  52. medical_services Nursing
  53. local_gas_station Oil & Gas
  54. biotech Pharmaceutical
  55. checklist_rtl Project Management
  56. shopping_bag Purchasing
  57. home_work Real Estate
  58. person_search Recruitment Consultancy
  59. store Retail
  60. point_of_sale Sales
  61. science Scientific Research & Development
  62. wifi Telecoms
  63. psychology Therapy
  64. pets Veterinary
View All Information Security Jobs