What Jobs are available for Infosec Analyst in Hong Kong?

Job Purpose

You will be responsible for carrying out information security functions and activities for the Technology function.

Responsibilities

• Protect the confidentiality, integrity and availability of all assets and systems through monitoring, detection, and analysis activities
• Review and assess information security requests to determine compliance with organizational policies and standards.
• Prepare and present cybersecurity-related reports, highlighting risks, incidents, and remediation efforts.
• Facilitate the annual recertification process for user access and security controls.
• Collaborate with IT teams to implement security measures, and remediate the audit findings
• Participate in and manage security-related projects to enhance overall security posture.
• Support Information security team to develop and implement security policies, procedures and guidelines
• Validate information security controls effectiveness and agreed deliverables to assure security standards/plans are achieved.
• Review the current IT Security solution and Security Policy to identify potential gaps within the organisation
• Undertake monitoring of security controls and policy adherence in line with Bupa policies based on ISO27001 and NIST Cybersecurity
• Monitor the security controls for security breaches and investigate violations
• Conduct risk and vulnerability assessment at the network, system and application level, and assess resulting impact on risk

Qualifications, Training and Experience

• Relevant Bachelor's/Master's degree holder from a recognized university
• 3-5 years of relevant work experience on managing security technologies
• Work experience in cloud security solution experience (Wiz preferred)
• Work experience in web proxy / SASE solutions (Palo Alto Prisma SASE preferred)
• Work experience cloud platforms (Azure, GCP preferred)
• Experience in managing security solutions, such as Wiz, Palo Alto Prisma, Zscaler, MS Defender, Imperva, Cloudfare
• Scripting skills, such as Terraforms, MS PowerShell, Python
• Good communication skills and the ability to collaborate well with across departments
• Able to demonstrate a positive, logical, and proactive approach while executing the assigned tasks
• Certification holder in information security (CISSP, CISA, etc.) will be an advantage.
• Ability to prioritize work and design schedules to meet the desired requirements

Bupa offers 5 days' work per week and comprehensive remuneration packages including base salary, study assistance plan, company pension plan, life and medical benefit, dental benefit, annual leave, examination leave, etc.

Bupa is an equal opportunity employer and welcomes applications from qualified candidates. Information provided will be treated in strict confidence and only be used for consideration of application with Bupa.

Personal data collected will be used for recruitment purposes only. Bupa will be in touch for any opportunities that matches your profile. All personal data of unsuccessful application will be destroyed 24 months from the date of receiving the application. Full version of Data Privacy Notice available upon request.

Key Responsibilities:

• Monitor and analyze security alerts and incidents to identify potential threats.
• Assist in conducting vulnerability assessments and penetration testing.
• Support the implementation of security measures and protocols.
• Maintain and update security documentation, including incident reports and risk assessments.
• Collaborate with IT teams to ensure compliance with security standards and best practices.
• Participate in security awareness training for staff.
• Stay up-to-date with the latest security trends and technologies.

Qualifications:

• Bachelor's degree in Cyber Security, Information Technology, or a related field (or equivalent experience).
• Basic understanding of network security concepts, firewalls, and intrusion detection systems.
• Familiarity with security tools and technologies (e.g., SIEM, antivirus, encryption).
• Strong analytical and problem-solving skills.
• Excellent communication and teamwork abilities.
• Relevant certifications (e.g., CompTIA Security+, CEH) are a plus.
• Cantonese is a must

Job Description:

• Minimum of 2 years of experience in information security or a similar role.
• Strong understanding of information security principles, standards, and best practices.
• General knowledge in industry regulations and framework such as NIST Cybersecurity Framework, ISO27001 or PCI DSS.
• Experience with security assessment tools and techniques.
• Knowledge in network and system security, including firewalls, intrusion detection/prevention systems, and endpoint protection.
• Strong communication and interpersonal skills, with the ability to effectively collaborate with cross-functional teams.
• Relevant certifications such as CISSP, CISM, or CEH are desirable.

About PureSoftware:

PureSoftware, a wholly owned subsidiary of Happiest Minds Technologies, is a global software products and digital services company. PureSoftware has been driving transformation for the world's top organizations across various industry verticals, including banking, financial services, and insurance, life sciences and healthcare, high tech and communications, retail and logistics, and gaming and entertainment. Arttha, from PureSoftware, is a globally trusted financial technology platform.

PureSoftware is Great Place to Work Certified in India for the third consecutive year

You can visit our website

Are you dedicated to excellence in your work? Do you excel in a team-oriented environment, upholding integrity and responsibility while embracing opportunities for growth? We welcome you to join a dynamic team committed to outstanding performance.

We are a globally renowned organization in the hospitality sector, celebrated for delivering unparalleled experiences in top-tier locations worldwide. Our focus on innovation and exceptional service fuels our success, and we are looking for a skilled professional to enhance our cybersecurity team.

Position Title: Security Analyst

Position Objective:

The Security Analyst will contribute to global cybersecurity efforts by overseeing, evaluating, and strengthening security measures across on-premises, cloud, and mobile platforms. This role will partner with security engineers, architects, and IT teams to identify, analyze, and mitigate threats, ensuring compliance and robustness throughout our digital infrastructure.

Key Responsibilities:

• Oversee the performance, reliability, stability, and compliance of security systems, working with business units to address deficiencies
• Identify and respond to network irregularities and malware incidents across various security tools
• Administer and monitor Data Loss Prevention (DLP) solutions for networks, hosts, and cloud environments
• Examine and handle alerts from Security Information and Event Management (SIEM) systems
• Supervise email and spam filtering systems, addressing malicious activities
• Manage application whitelisting and file integrity monitoring processes
• Ensure adherence to cybersecurity configurations through vulnerability management tools
• Address vulnerabilities and findings from penetration testing
• Undertake additional tasks as directed by the Manager, Security Architecture

Qualifications:

• Bachelor's degree in Information Systems, Computer Science, or comparable experience
• 2–4 years of experience in IT or cybersecurity positions
• Proficient in SIEM, Intrusion Detection/Prevention Systems (IDS/IPS), malware defense, DLP, Identity and Access Management (IAM), vulnerability scanning, and incident response

Our Commitment to You:

• Learning & Development: We support your success with customized training programs to foster your career growth.
• Travel Perks: Benefit from complimentary stays and discounted rates at our global properties for you and your family.
• Health & Wellness: We provide a range of health benefits and wellness initiatives to promote a balanced lifestyle.
• Retirement Benefits: Depending on your role and length of service, we offer retirement plans to honor your dedication.

A leading multinational servicing company is looking to strengthen their cybersecurity team by recruiting a Security Analyst. This role reports to the Security Architecture Manager and will be responsible for supporting global cybersecurity operations by monitoring, analyzing, and maintaining the security posture across on-premises, cloud, and mobile environments.

Candidates should have exposure in the following:

• Minimum 2 to 4 years of experience in IT or cybersecurity roles
• Strong knowledge of SIEM, IDS/IPS, malware protection, Data Loss Prevention (DLP), Identity and Access Management (IAM), vulnerability scanning, and incident response
• Proven ability to detect and respond to network anomalies and malware events across multiple security platforms
• Experience managing and monitoring DLP solutions, email filtering systems, and application whitelisting
• Skilled at investigating and managing SIEM alerts and overseeing cybersecurity configuration compliance via vulnerability management tools
• Bachelor's degree in Information Systems, Computer Science, or equivalent experience

This role requires strong collaboration skills to work closely with security engineers, architects, and IT teams to ensure compliance and resilience across the organization's digital infrastructure.

For more information, please contact OR WhatsApp

Job Responsibilities:

• Develop and implement appropriate security measures to safeguard the delivery of IT services. Research and evaluate new technologies in adapting security protection to the latest threat landscape
• Participate in security monitoring, detecting and analysis of events related to security
• To protect client's applications and servers from attacks by deploying countermeasures on the spot
• To commence emergency recovery procedures through mitigations promptly
• To support customers by diagnosing the occurrence of incidents, and directly coordinate with clients over the phone, email and other supporting instant message tools
• To participate in the 24x7 operation and ensure a smooth and efficient operation

Job Requirements:

• University Degree or Diploma holder on Computer Studies or Information Technology is preferred.
• Knowledge of Network Security is a must
• Experience in handling DDOS events would be a preference
• Work experience in Security Operations Center (SOC) would be a preference
• Self-motivated team player with strong sense of responsibilities, service and customer oriented.
• Mature, independent with good communication skills.
• Conversational in English and/or Chinese.
• 24x7 roster shift duty is required

Job Description:

As an IT Security Analyst, you will play a critical role in safeguarding our organization's digital assets and infrastructure. You will be responsible for monitoring and analyzing security events, identifying potential threats, and responding to security incidents. Your expertise will be essential in conducting vulnerability assessments, implementing security controls, and ensuring compliance with industry standards and regulations. You will collaborate with cross-functional teams to develop and maintain security policies, procedures, and awareness programs, while staying abreast of the latest security trends and technologies. Your proactive approach to threat detection and incident response will be vital in maintaining the confidentiality, integrity, and availability of our systems and data.

Core Responsibilities & Duties:

• Security Monitoring and Analysis:

• Monitor security logs, network traffic, and system events for suspicious activity.

• Analyze security alerts and events to identify potential threats and vulnerabilities.
• Utilize security information and event management (SIEM) tools to detect and correlate security incidents.

• Incident Response:

• Participate in incident response activities, including containment, eradication, and recovery.

• Conduct forensic analysis to investigate security breaches and determine the root cause.
• Document security incidents and response actions.

• Vulnerability Management:

• Conduct vulnerability assessments and penetration testing to identify security weaknesses.

• Prioritize and track vulnerabilities and recommend remediation actions.
• Manage and maintain vulnerability scanning tools.

• Security Control Implementation:

• Implement and maintain security controls, such as firewalls, intrusion detection/prevention systems (IDS/IPS), and antivirus software.

• Configure and manage security systems and applications.
• Ensure security controls are properly implemented and maintained.

• Compliance and Auditing:

• Assist in security audits and compliance assessments (e.g., GDPR, HIPAA, PCI DSS).

• Develop and maintain security policies, procedures, and standards.
• Ensure compliance with relevant security regulations and industry best practices.

• Security Awareness and Training:

• Develop and deliver security awareness training programs for2 employees.

• Educate users on security best practices and potential threats.
• Promote a security-conscious culture within the organization.

• Threat Intelligence:

• Stay up to date on the latest security threats and vulnerabilities.

• Research and analyze threat intelligence to identify potential risks.
• Provide threat intelligence reports and recommendations.

• Collaboration and Communication:

• Collaborate with cross-functional teams to address security concerns.

• Communicate security risks and recommendations to stakeholders.
• Provide clear and concise security reports and documentation.

• Documentation and Reporting:

• Maintain accurate and up-to-date security documentation.

• Generate regular security reports and metrics.
• document security procedures.

Qualifications:

• A degree in the field of Computer Science or related field, or equivalent experience is required
• 5 + years of experience in IT information security

· Strong technical and consulting skills, project management capability

· Experience with security and risk frameworks, standards, and best practices

· Able to present effectively to executive level in both business and IT terms

Skills:

• The ideal candidate will possess a "can do" attitude with a "will do" work ethic
• Quick thinker, experienced in unconventional problem solving
• Excellent understanding of business complexity and project interdependencies
• Excellent communication, written, verbal, analytical and problem-solving skills
• Suitable time management skills and ability to meet deadlines
• Strong understanding of the organization's goals and objectives
• Exceptional interpersonal skills, with a focus on listening and questioning skills
• Strong documentation skills
• Ability to conduct research into a wide range of computing issues as required
• Ability to absorb and retain information quickly
• Ability to present ideas in user-friendly language to non-technical staff and end users
• A keen attention to detail
• Ability to effectively prioritize and execute tasks in a high-pressure environment
• Exceptional customer service orientation
• Experience working in a team-oriented, collaborative environment

We offer an exciting work environment and excellent career development opportunities. If you have the desire for an exciting and rewarding career, please send us your resume immediately, quoting your present and expected salary as well as the reference number to Human Resources Department.

Personal data collected would be used for recruitment purpose only.

Who we are
About BBPOS
BBPOS is one of the world leaders in payment devices and the inventors of mPOS technology. BBPOS products are used by large retailers and leading online platforms across multiple industries. BBPOS is engaged in the business of manufacturing and supplying mobile and smart point-of-sale hardware, and the underlying software and infrastructure to deploy, manage, and monitor those devices. BBPOS is now part of Stripe's Terminal business since the acquisition in March 2022.

About the team
Post acquisition, the BBPOS team is now an extension of the Stripe Terminal team. Stripe Terminal helps Stripe users extend their online presence into the physical world. The Terminal team's mission is to make it as easy for businesses to accept in-person payments as the Stripe API has done for online payments. With Terminal, businesses can unlock in-person payments use cases that are right for their business model—whether it's creating a flagship retail experience, extending their website to a pop-up store, or enabling a mobile point-of-sale at their next event.

Stripe is a financial infrastructure platform for businesses. Millions of companies—from the world's largest enterprises to the most ambitious startups—use Stripe to accept payments, grow their revenue, and accelerate new business opportunities.

Responsibilities:

• Conduct vulnerability assessments, threat modeling, and penetration testing of web applications to identify security vulnerabilities and weaknesses.
• Perform code reviews and analyze application designs to identify and mitigate security risks.
• Develop and implement secure coding standards and practices for application development.
• Collaborate with the software team to integrate security into the software development life cycle (SDLC) and assist in setting up the security pipeline for integration.
• Provide guidance and recommendations to the software team on how to remediate identified security vulnerabilities and weaknesses.
• Participate in all security-related initiatives such as bug bounty programs, hacker challenges, and penetration tests, and assist in defining the scope and testing approach for all assessments or programs.
• Engage in incident response activities, triage, investigate, and respond to security incidents.
• Stay up-to-date with the latest security threats, vulnerabilities, and technologies.
• Report to the Cyber Security Manager.

Requirements:

• Bachelor's degree in computer science, information security, or a related field.
• 2+ years of experience in an application security role.
• Strong knowledge of web application security concepts and techniques.
• Experience with vulnerability assessment and penetration testing tools, such as Burp Suite, Nmap, and Metasploit, will be an advantage.
• Experience with programming languages, such as Java, Python, and .NET.
• Familiarity with web application development frameworks, such as Spring and React.
• Knowledge of security standards and frameworks, such as OWASP, NIST, and ISO.
• Understanding of cloud service providers and their offerings, preferably AWS, and its technologies and services will be an advantage.
• Strong analytical and problem-solving skills.
• Excellent written and verbal communication skills.
• Candidates with less experience will be considered for the role of Application Security Analyst.

For more information of the BBPOS and our career opportunities, please visit our website

We offer long-term career prospect and competitive remuneration package to the appointed candidate.

Personal data collected will be used for recruitment purposes only. Applicants not contacted within 8 weeks of applying should consider their applications unsuccessful.

The Job

• Provide professional security advisory service to customers by designing and proposing security solutions meeting customer's objectives
• Understand customer's IT challenges and security requirements; and provide suggestions and comments to development team from technical and pre-sales perspectives of information security
• Directs an ongoing, proactive risk assessment program for all new and existing systems and business processes; communicates risks and recommendations to mitigate risks to the senior management in term of non-technical and cost/benefit for decision making
• Ensures vulnerabilities are managed by directing periodic vulnerability scans of servers connected to Company's networks; and support other department to ensure regulatory compliance in areas of ISO 27001 and PCI DSS
• Evaluates security incidents and determines what response, if any, is needed and coordinates Company's responses when sensitive information is breached
• Assist and conduct security risk assessment & audit for both internal and customers

The Person

• Degree holder or above in Computer Science / Information Technology or related disciplines, or with qualification equivalent to Level 5 of Hong Kong Qualifications Framework (QF)
• 4-5 years of varied information technology experience on computer and networking infrastructure, operating systems, application software development, project management, regulatory compliance, and risk management.
• Good knowledge and experience in security planning and design with different technologies / solution
• Professional certification (CISSP, CCSK, CCSP, CISA, CISM, etc.) is preferred
• At lease one of the CISSP, ISO/IEC27001 LA, CISM and CEH
• Effective verbal and written communication skills and proficiency in writing technical specifications are required.
• Proficient in written and spoken English and Chinese
• Creatively and critical thinking, responsible
• Candidate with less experience will be considered as Security Analyst

Securities Responsibilities

• Ensure compliance with FUJIFILM Business Innovation Information Security Rule, Policies and procedures at all time.
• Responsible for maintaining security of all FUJIFILM Business Innovation information entrusted to and not limiting to proper classification & handling of FUJIFILM Business Innovation documents and records.
• Complete Information Security training and awareness program on regular basis and possess enough knowledge to adhere to FUJIFILM Business Innovation Information Security requirements.
• Responsible for identifying, reporting and complying with Information Security Incident & Reporting Procedure.
• Failing to comply with the security policies could be subject to disciplinary action, potentially including termination of employment or contract and/or prosecution.

Why you should consider this opportunity:

We offer attractive remuneration package with fringe benefits to right candidates. such as

• 5 days work week
• Medical insurance
• Dental insurance
• On-job training
• 12 days' annual leave
• Blissful leave of maximum 25 days per year (including birthday leave, wedding anniversary leave, children graduation leave, volunteer leave, pet healthcare leave, home purchase, etc)

To discuss this opportunity further, please send your full resume, current and expected salary by clicking "Apply Now".

We are an equal opportunity employer and welcome applications from all qualified candidates. All information provided will be treated in strict confidence and used for recruitment purposes only. Applicants not hearing from us within six weeks may consider their applications unsuccessful. All date of unsuccessful applications will be destroyed after six months.