425 IT Security Management jobs in Hong Kong

Join to apply for the Security Risk Management Specialist role at Canonical

Join to apply for the Security Risk Management Specialist role at Canonical

In security risk management we're looking to harness the power of industry best practice combined with driving new innovation on how we do security risk assessments and modelling. Our security risk management team is the primary owner of the strategy and practices of how we identify, track and reduce our security risk across everything we do.
To support this we need to use industry best practices paired with emerging threat information to to promote risk identification, quantification, impact analysis, and modelling to ultimately drive decision making. In this role, you will help establish and execute a broad strategic vision for the security risk program at Canonical. You will not only work within the team but also cross-functionally with various teams across the organisation. The team contributes ideas and requirements for Canonical product security, improving the resilience and robustness of all Ubuntu customers and users subject to cyber attacks. Additionally, the team collaborates with our Organisational Learning and Development team to develop playbooks and facilitate security training across Canonical.
The security risk management team's mission is not only to secure Canonical, but also to contribute to the security of the wider open source ecosystem. They might share knowledge through public presentations and industry events, and share threat intelligence with the wider community or represent Canonical in sector-specific governance bodies.
What you will do in this role:

• Define Canonical's security risk management standards and playbooks
• Analyse and improve Canonical's security risk practices
• Evaluate, select and implement new security requirements, tools and practices
• Grow the presence and thought leadership of Canonical security risk management practice
• Develop Canonical security risk learning and development materials
• Work with Security leadership to present information and influence change
• Participate in developing key risk indicators, provide inputs to the development of key control indicators, and key performance indicators for various programs
• Apply statistical models to risk frameworks (such as FAIR, sensitivity analysis, and others)
• Participate in risk management, decision-making, and collaborative discussions
• Lead quantified risk assessments and understand the value of qualitative data for improvements to quality and engineering processes
• Interpret internal or external cyber security risk analyses in business terms and recommend a responsible course of action
• Develop templates and materials to help with self-service risk management actions
• Monitor and identify opportunities to improve the effectiveness of risk management processes
• Launch campaigns to perform security assessments and help mitigate security risks across the company
• Build evaluation methods and performance indicators to measure efficiency of security functions and capabilities.
  

• An exceptional academic track record
• Undergraduate degree in Computer Science or STEM, or a compelling narrative about your alternative path
• Drive and a track record of going above-and-beyond expectations
• Deep personal motivation to be at the forefront of technology security
• Leadership and management ability
• Excellent business English writing and presentation skills
• Problem-solver with excellent communication skills, a deep technical understanding of security assessments and risk management
• Expertise in threat modelling and risk management frameworks
• Broad knowledge of how to operationalize the management of security risk
• Experience in Secure Development Lifecycle and Security by Design methodology
  

• Distributed work environment with twice-yearly team sprints in person
• Personal learning and development budget of USD 2,000 per year
• Annual compensation review
• Recognition rewards
• Annual holiday leave
• Maternity and paternity leave
• Employee Assistance Programme
• Opportunity to travel to new locations to meet colleagues
• Priority Pass, and travel upgrades for long haul company events
  

• Seniority level Entry level

• Employment type Full-time

• Job function Finance and Sales
• Industries Software Development

Referrals increase your chances of interviewing at Canonical by 2x

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

Get AI-powered advice on this job and more exclusive features.

Company Description
Founded in 1908, Bank of Communications Co., Ltd. (Stock Code: 3328) is one of the oldest banks in China and a banknote-issuing institution. The bank is listed on the Hong Kong Stock Exchange and the Shanghai Stock Exchange. BOCOM operates 30 provincial branches and a network of 2,637 locations across 173 cities and 112 counties in China, with overseas centers in Hong Kong, New York, San Francisco, Tokyo, Singapore, Seoul, Frankfurt, Macau, Ho Chi Minh City, and Sydney; one subsidiary bank in the U.K. and one representative office in Taipei. BOCOM aims to become a first-class listed universal banking group focused on international expansion and wealth management.

Job Description

• Motivate an effective security operations team to oversee the security services
• Follow up the incident report and drive the analysis of security incidents
• Analyze industry trends and make recommendations to Senior Management for improving risk exposure
• Manage external vendors with regular communications and ad-hoc work as assigned
• Degree holder or above in Business Administration or related disciplines
• Minimum 5 years' work experience in security service industry or disciplinary service
• Excellent leadership with practical knowledge and good problem-solving skills
• Self-motivated with professional appearance and customer-oriented mindset
• Strong analytical mind with good communication and interpersonal skills

• Mid-Senior level

• Full-time

• Accounting/Auditing and Finance

• Banking and Investment Banking

Notes: This listing reflects the role details and is subject to change. This description retains essential information for applicants and does not include extraneous site notices.

About Us
We're the world's leading provider of secure financial messaging services, headquartered in Belgium. We are the way the world moves value – across borders, through cities and overseas. No other organisation can address the scale, precision, pace and trust that this demands, and we're proud to support the global economy.

We're unique too. We were established to find a better way for the global financial community to move value – a reliable, safe and secure approach that the community can trust, completely. We're always striving to be better and are constantly evolving in an ever-changing landscape, without undermining that trust. Five decades on, our vibrant community reflects the complexity and diversity of the financial ecosystem. We innovate diligently, test exhaustively, then implement fast. In a connected and exciting era, our mission has never been more relevant. Swift now has a presence in 200+ countries and legal territories to serve a community of more than 12,000 banks and financial institutions.

Are you an experienced cyber security professional ready to dive deeper into the realm of Incident Response? Do challenging and complex investigations spanning thousands of systems sound exciting?

Then you have found the right position You will be working with a group of talented cyber security specialists, supporting the world's leading provider of secure financial messaging services. In this position your effort and expertise are highly valued and critical to the global financial market. By joining the APAC team and you will also have the opportunity to contribute to cutting-edge security initiatives at the very forefront of technology.

What To Expect

• Conduct Daily Operational Security Monitoring
• Lead complex depth Security Investigations
• Contribute to industry-leading security initiatives
• Perform Threat Hunting and Threat Intelligence activities
• Create, Update and Maintain security process documentation
• Collaborate with security teams to improve Swift's security posture

What Will Make You Successful

• Bachelor's degree in Computer Science, Engineering or other related field
• 5+ years of experience in a Cyber Security domain, preferably Incident Response
• In-depth understanding of Computer Networks, Windows and Linux OS
• Fluency in English – written and oral
• Willingness to work weekend shifts
• Professional Certifications such as GCIH, GCFA, CISSP, OSCP or others

Swift for you

• Provide extensive training opportunities such as SANS and soft-skill trainings
• Competitive package and excellent work-life balance
• We put you in control of your career
• We give you a competitive package
• We help you perform at your best
• We help you make a difference
• We give you the freedom to be yourself

We give you the freedom to be yourself. We are creating an environment of unique individuals—like you—with different perspectives on the financial industry and the world. A diverse and inclusive environment in which everyone's voice counts and where you can reach your full potential.

If you believe you require a reasonable accommodation to participate in the job application or interview process, please contact us to request accommodation.

Don't meet every single requirement? At Swift, we are dedicated to building a workplace where people can bring their full selves and ideas to the team, so if you are excited about this role, we encourage you to apply even if you do not meet every single qualification.

What We Offer
We put you in control of career

We give you a competitive package

We help you perform at your best

We help you make a difference

We give you the freedom to be yourself

We give you the freedom to be yourself. We are creating an environment of unique individuals – like you – with different perspectives on the financial industry and the world. A diverse and inclusive environment in which everyone's voice counts and where you can reach your full potential.
If you believe you require a reasonable accommodation to participate in the job application or interview process, please contact us to request accommodation.
Don't meet every single requirement? At Swift, we are dedicated to building a workplace where people can bring their full selves and ideas to the team, so if you are excited about this role, we encourage you to apply even if you do not meet every single qualification.

Get AI-powered advice on this job and more exclusive features.

Company Description
Founded in 1908, Bank of Communications Co., Ltd. (Stock Code: 3328) is one of the oldest banks in China and a banknote-issuing institution. The bank is listed on the Hong Kong Stock Exchange and the Shanghai Stock Exchange. BOCOM operates 30 provincial branches and a network of 2,637 locations across 173 cities and 112 counties in China, with overseas centers in Hong Kong, New York, San Francisco, Tokyo, Singapore, Seoul, Frankfurt, Macau, Ho Chi Minh City, and Sydney; one subsidiary bank in the U.K. and one representative office in Taipei. BOCOM aims to become a first-class listed universal banking group focused on international expansion and wealth management.

Job Description

• Motivate an effective security operations team to oversee the security services
• Follow up the incident report and drive the analysis of security incidents
• Analyze industry trends and make recommendations to Senior Management for improving risk exposure
• Manage external vendors with regular communications and ad-hoc work as assigned
• Degree holder or above in Business Administration or related disciplines
• Minimum 5 years' work experience in security service industry or disciplinary service
• Excellent leadership with practical knowledge and good problem-solving skills
• Self-motivated with professional appearance and customer-oriented mindset
• Strong analytical mind with good communication and interpersonal skills

• Mid-Senior level

• Full-time

• Accounting/Auditing and Finance

• Banking and Investment Banking

Notes: This listing reflects the role details and is subject to change. This description retains essential information for applicants and does not include extraneous site notices.

Overview

Security Management Specialist (Cyber Security) – APAC team, working with a group of cyber security specialists at the world’s leading provider of secure financial messaging services.

We are headquartered in Belgium and support the global economy by moving value securely across borders. We innovate and evolve to maintain trust in a dynamic financial ecosystem.

• Conduct Daily Operational Security Monitoring
• Lead complex depth Security Investigations
• Contribute to industry-leading security initiatives
• Perform Threat Hunting and Threat Intelligence activities
• Create, Update and Maintain security process documentation
• Collaborate with security teams to improve Swift’s security posture

• Bachelor’s degree in Computer Science, Engineering or related field
• 5+ years in a Cyber Security domain, preferably Incident Response
• In-depth understanding of computer networks, Windows and Linux OS
• Fluency in English – written and oral
• Willingness to work weekend shifts
• Professional Certifications such as GCIH, GCFA, CISSP, OSCP or others

• Provide extensive training opportunities such as SANS and soft-skill trainings
• Competitive package and excellent work-life balance
• We put you in control of your career
• We give you a competitive package
• We help you perform at your best
• We help you make a difference
• We give you the freedom to be yourself

• We put you in control of career
• We give you a competitive package
• We help you perform at your best
• We help you make a difference
• We give you the freedom to be yourself

We are committed to a diverse and inclusive environment where everyone's voice counts and you can reach your full potential. If you require reasonable accommodation during the application or interview process, please contact us to request accommodation.

• Mid-Senior level

• Full-time

• Engineering and Information Technology

Location: Kwun Tong District, Hong Kong SAR

Security Management Specialist (Cyber Security) – APAC team, working with a group of cyber security specialists at the world’s leading provider of secure financial messaging services.

We are headquartered in Belgium and support the global economy by moving value securely across borders. We innovate and evolve to maintain trust in a dynamic financial ecosystem.

• Conduct Daily Operational Security Monitoring
• Lead complex depth Security Investigations
• Contribute to industry-leading security initiatives
• Perform Threat Hunting and Threat Intelligence activities
• Create, Update and Maintain security process documentation
• Collaborate with security teams to improve Swift’s security posture

• Bachelor’s degree in Computer Science, Engineering or related field
• 5+ years in a Cyber Security domain, preferably Incident Response
• In-depth understanding of computer networks, Windows and Linux OS
• Fluency in English – written and oral
• Willingness to work weekend shifts
• Professional Certifications such as GCIH, GCFA, CISSP, OSCP or others

• Provide extensive training opportunities such as SANS and soft-skill trainings
• Competitive package and excellent work-life balance
• We put you in control of your career
• We give you a competitive package
• We help you perform at your best
• We help you make a difference
• We give you the freedom to be yourself

• We put you in control of career
• We give you a competitive package
• We help you perform at your best
• We help you make a difference
• We give you the freedom to be yourself

We are committed to a diverse and inclusive environment where everyone's voice counts and you can reach your full potential. If you require reasonable accommodation during the application or interview process, please contact us to request accommodation.

• Mid-Senior level

• Full-time

• Engineering and Information Technology

Location: Kwun Tong District, Hong Kong SAR

Join to apply for the Section Head, Security Management role at Bank of Communications Co., Ltd. London Branch

Company Description

Founded in 1908, Bank of Communications Co., Ltd. (Stock Code: 3328) is one of the oldest banks in China, and also acted as one of the country’s banknote-issuing institutions. The bank was listed on the Stock Exchange of Hong Kong Limited and the Shanghai Stock Exchange in June 2005 and May 2007 respectively. At present, apart from Tibet, BOCOM comprises 30 provincial branches across provinces, municipalities and autonomous regions, plus a network of 2,637 operating locations in 173 cities and 112 counties nationwide. Beyond China, BOCOM has established overseas centers in Hong Kong, New York, San Francisco, Tokyo, Singapore, Seoul, Frankfurt, Macau, Ho Chi Minh City, and Sydney; one subsidiary bank in the U.K. and one representative office in Taipei. BOCOM’s development strategy is to become a first class listed universal banking group focusing on international expansion and specializing in wealth management.

Job Description

• Lead and motivate an effective security operations team to oversee the security services
• Develop strategies for the protection of company asset and security management effectively supporting the company’s operations
• Lead the incident response mechanism and drive the analysis of security incidents
• Analyze industry trends and make recommendation to Senior Management for improving risk exposure
• Manage the external vendors in respect of regular communications and ad-hoc work as assigned
• Degree holder or above in Business Administration or related disciplines
• Minimum 8 years' work experience in security service industry or disciplinary service
• Excellent leadership with practical knowledge and good problem-solving skills
• Self-motivated with professional appearance and be customer-oriented
• Strong analytical mind with good communication and interpersonal skills

• Mid-Senior level

• Full-time

• Accounting/Auditing and Finance

• Banking and Investment Banking

Referrals increase your chances of interviewing at Bank of Communications Co., Ltd. London Branch by 2x

Join to apply for the Section Head, Security Management role at Bank of Communications Co., Ltd. London Branch

Company Description

Founded in 1908, Bank of Communications Co., Ltd. (Stock Code: 3328) is one of the oldest banks in China, and also acted as one of the country’s banknote-issuing institutions. The bank was listed on the Stock Exchange of Hong Kong Limited and the Shanghai Stock Exchange in June 2005 and May 2007 respectively. At present, apart from Tibet, BOCOM comprises 30 provincial branches across provinces, municipalities and autonomous regions, plus a network of 2,637 operating locations in 173 cities and 112 counties nationwide. Beyond China, BOCOM has established overseas centers in Hong Kong, New York, San Francisco, Tokyo, Singapore, Seoul, Frankfurt, Macau, Ho Chi Minh City, and Sydney; one subsidiary bank in the U.K. and one representative office in Taipei. BOCOM’s development strategy is to become a first class listed universal banking group focusing on international expansion and specializing in wealth management.

Job Description

• Lead and motivate an effective security operations team to oversee the security services
• Develop strategies for the protection of company asset and security management effectively supporting the company’s operations
• Lead the incident response mechanism and drive the analysis of security incidents
• Analyze industry trends and make recommendation to Senior Management for improving risk exposure
• Manage the external vendors in respect of regular communications and ad-hoc work as assigned
• Degree holder or above in Business Administration or related disciplines
• Minimum 8 years' work experience in security service industry or disciplinary service
• Excellent leadership with practical knowledge and good problem-solving skills
• Self-motivated with professional appearance and be customer-oriented
• Strong analytical mind with good communication and interpersonal skills

• Mid-Senior level

• Full-time

• Accounting/Auditing and Finance

• Banking and Investment Banking

Referrals increase your chances of interviewing at Bank of Communications Co., Ltd. London Branch by 2x

Cyber Security and IT Governance Cluster is the first line of defense Control Function to ensure that effective cybersecurity controls are in place in addressing the emerging cyber threats. The Cluster consists of Cyber Security Management (CSM), IT Policy and Compliance (ITPC) and Parameter and User Access Management (PUAM). Its function includes but not limited to the establishment and management of the cybersecurity organization, policies framework development, controls architecture, cybersecurity incident management, cybersecurity awareness, third party security, collaboration with external interested parties, cyber threats intelligence, cybersecurity and IT compliance monitoring, audit and compliance assessment coordination, issues remediation management, and parameter and user access management.

The role of the Head of Cyber Security Management holds the management responsibilities to the Cyber Security Management (CSM) and Parameter and User Access Management (PUAM) functions, with the following responsibilities:

• Formulate the overall strategies and goals of Cyber Security Management, establish annual and long-term cybersecurity strategies, programme.
• Develop and manage a framework for evaluating the maturity of the cybersecurity programme and a roadmap for continual improvement.
• Responsible for formulating cybersecurity control requirements, including policies, procedures and standards.
• Develop and adopt a management system to manage cybersecurity holistically and systemically in addressing the stakeholder security governance requirements and the strategic objectives, and to have appropriate management processes and systems in place that to confirm the requirements of the interested parties, such as Regulators, Head Office and Senior Management etc.
• Provide cybersecurity advice and guidance to the Control Owner on the effective design of its control measures.
• Monitor and evaluate the design and effectiveness of relevant control measures, including organizing the formulation of control effectiveness indicators and conducting regular evaluation and inspections.
• Stay abreast of emerging cybersecurity threats, trends and technologies, continuously enhancing the Bank's security postures.
• Manage team performance and support career guidance of a high performing teams the support cybersecurity management, parameter and user access management.
• Adopting management and security governance model to define and allocate roles and responsibilities for the protection of individual assets and for carrying out specific security processes.

• Define the management requirements, scope, roles and responsibilities, management processes and its interfaces for the following control domains under the Cyber Security Management, and Parameter and User Access Management, oversee the delivery of the corresponding services:

• Data Security Technical Control Management,

• Organization of Cyber Security (Including organizational structure, roles and responsibilities),
• Human Awareness Security,
• Policies Framework Management,
• Control Architecture Management,
• Cyber Security Incident Management,
• Threat Intelligence Management,
• Third Party Security Management,
• Secure System Development Management,
• Parameter and User Access Management.
• Provide directions, guidance and oversights to the IT Operations Center and IT Development Center on embedding cybersecurity requirements into its areas of responsibilities and functions; (i.e. Security Operations, including endpoints, network, infrastructure, operations security and Secure Development).
• Develop, manage and analyze the key monitoring indicators (e.g. KCI) to monitor and report the effectiveness of the cyber security controls.
• Present and report cybersecurity postures regularly to senior management and various levels of organization committees.
• Identify and resolve management issues, optimize management processes and operational workflows, to optimize the resources utilization and achieve operational efficiency.
• Responsible for any other responsibilities as directed by the Head of Cyber Security and IT Governance.

REQUIREMENT:

• Degree holder in Cyber Security / Computer Science / Information Technology or related discipline;
• Minimum 10 years or above of relevant experience in Cyber Security Management / Cyber Security Operations / Technology Risk Management or IT Audit, preferably with experience gained from consultancy / banking / finance industry;
• Experience in consultancy preferably Big 4 or IT Auditing is an advantage
• Holder of HKMA ECF-C recognized certifications at professional level is required;
• Customer-oriented, good communication and interpersonal skills;
• Able to work independently and under pressure with tight deadline;
• Strong problem-solving, analytical skills and presentation skills;
• Good command of written and spoken English and Mandarin;
• Possess proven managerial experience is a must;
• Possess forward planning, strategic thinking, problem solving and decision-making skills;
• Strong understanding and application of the best practices of cybersecurity management system methodology;
• Proficiency in preparing management dashboard / reporting deck and reports in Chinese is definitely an advantage

Applicants who are not contacted within 8 weeks may consider their applications unsuccessful and their personal data will be retained by the bank for a period up to two years.

All information provided by applicants will be used for recruitment purposes only and will be used strictly in accordance with the bank's personal data policies, a copy of which will be provided upon request.