10 Patch Management jobs in Hong Kong

2 days ago Be among the first 25 applicants

Direct message the job poster from Kerry Consulting

We are seeking a strategic and hands-on Vulnerability Management Lead to lead our client's vulnerability management program. This role is responsible for designing, implementing, and continuously improving our vulnerability identification, assessment, and remediation processes to reduce risk across our enterprise environment.

You will work closely with stakeholders across IT, Security Operations, Governance, Risk & Compliance (GRC), and Application Development to ensure timely and effective remediation of vulnerabilities, while also establishing metrics, governance frameworks, and reporting mechanisms to track risk reduction and program effectiveness.

We would be open to relocating candidates to Hong Kong for this role.

Responsibilities:

• Lead the end-to-end vulnerability management lifecycle, including identification, prioritization, remediation, and reporting of vulnerabilities across infrastructure, applications, cloud, and endpoint environments.
• Define and implement vulnerability management strategy and roadmap, aligning with overall cybersecurity goals and risk posture.
• Develop and maintain governance frameworks, including policies, standards, and procedures related to vulnerability scanning, assessment, and remediation.
• Coordinate vulnerability scanning and threat intelligence tools (e.g., Qualys, Tenable, Rapid7, etc.) to ensure accurate and timely detection.
• Establish strong collaboration with Infrastructure, DevOps, Cloud, and Application Security teams to drive timely and risk-based remediation of vulnerabilities.
• Report on vulnerability management metrics, trends, and risk indicators to senior leadership and stakeholders, including compliance with internal SLAs and regulatory obligations.
• Stay current with emerging threats, vulnerabilities, and industry best practices to evolve the program proactively.
• Lead or participate in vulnerability-related incident response efforts, root cause analysis, and lessons learned.
• Oversee vulnerability assessments and penetration testing activities, whether internally executed or via third-party vendors.
• Engage with auditors and regulators as needed to demonstrate controls and effectiveness of the vulnerability management program.

Requirements:

• Bachelor's or Master's degree in Cybersecurity, Computer Science, Information Systems, or related field.
• 10+ years of experience in information security, with at least 5 years in vulnerability management with recent leadership experience.
• Proven experience building and scaling vulnerability management programs in a complex enterprise.
• Strong understanding of risk-based vulnerability prioritization, CVSS scoring, threat intelligence integration, and exploitability context.
• Hands-on experience with common tools: Qualys, Tenable, Rapid7, Nexpose, Burp Suite, etc.
• Familiarity with frameworks and standards such as NIST, CIS Controls, ISO 27001, and relevant regulatory requirements.

To apply:

If you're interested to apply or find out more, please share across your CV or reach out to Chen Yi at for a discussion. Due to anticipated high volume of applications, we regret to inform that only shortlisted candidates will be notified.

Reg: R1876389

Lic: 16S8060

• Seniority level Mid-Senior level

• Employment type Full-time

• Job function Information Technology
• Industries Information Services

Referrals increase your chances of interviewing at Kerry Consulting by 2x

Hong Kong SAR HK$32,000.00-HK$6,000.00 2 weeks ago

Hong Kong SAR HK 17,925.00-HK 29,523.00 2 months ago

Kwai Tsing District, Hong Kong SAR 2 hours ago

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

2 days ago Be among the first 25 applicants

We're seeking a Regional Vulnerability Management Project Coordinator to lead the APAC vulnerability management initiatives. In this role, you'll transform raw security data into actionable insights while ensuring flawless execution of global cybersecurity standards across local implementations.

Main Responsibilities

Program Coordination

• Support the regional execution of the global vulnerability and compliance management program
• Establish and maintain project governance frameworks for IT Operations departments
• Oversee end-to-end vulnerability operations (scoping, scanning, reporting, stakeholder coordination)

Stakeholder & Remediation Management

• Partner with local teams to optimize organizational processes and remediation workflows
• Govern Business IT departments' vulnerability remediation activities
• Assess and mitigate security risks from vulnerabilities and compliance gaps
• Deliver regular updates to global/regional stakeholders, including C-level executives
• Provide field insights to the Programme Lead to shape APAC strategy

Training & Enablement

• Develop training materials and conduct awareness sessions on VM tools/reports
• Drive adoption of vulnerability management procedures across stakeholders
• Translate technical findings into actionable business recommendations

Qualifications & Experience

• 5-7 years of hands-on vulnerability management experience, including comprehensive understanding of vulnerability assessment lifecycle (scanning, analysis, prioritization, remediation tracking) and interpretation of security findings across platforms.
• Proficiency in data visualization tools (PowerBI, Tableau) for security reporting
• Demonstrated success managing complex, cross-functional security initiatives
• Exceptional communication skills with ability to present to technical and executive audiences
• Strong attention to detail with ability to maintain accuracy in fast-paced environments
• Knowledge of Qualys, Nexpose, or similar vulnerability assessment platforms is good to have.
• Financial services or highly regulated industry experience is preferred but not mandatory.
• Relevant certifications are a plus (CISSP, CISM, CRISC)

• Seniority level Mid-Senior level

• Employment type Full-time

• Job function Information Technology
• Industries IT Services and IT Consulting, Financial Services, and Banking

Referrals increase your chances of interviewing at We+ Asia by 2x

Central & Western District, Hong Kong SAR 3 weeks ago

Wan Chai District, Hong Kong SAR 3 weeks ago

Central & Western District, Hong Kong SAR 9 months ago

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

Join to apply for the Senior Technical Manager, Vulnerability Management role at The Hong Kong Jockey Club

1 day ago Be among the first 25 applicants

Join to apply for the Senior Technical Manager, Vulnerability Management role at The Hong Kong Jockey Club

Get AI-powered advice on this job and more exclusive features.

• Managing the VM Team in the aspects of continuous Infrastructure Vulnerability Scanning & Configuration Compliance (for Platforms, Database, Networks and Voice), Penetration Testing and Scanning for Application & Infrastructure Security and Development, Security & Operations (DevSecOps), through hiring, training, coaching, objective setting and performance management of team members
• Managing the external service providers and product vendors, ensuring the appropriate service level performance is established, monitored and met
• Provide oversight on the handling of vulnerabilities identified, ensuring appropriate priority is given to effectively remediate the vulnerabilities within the agreed timelines
• Ensure the relevant and adequate coverage of vulnerability intelligence, to assess the vulnerabilities in the Club’s context and the external threat landscape
• Ensure the vulnerability management services provided for applications (incl. DevSecOps) and infrastructure are operating effectively
• Continuously identify control and coverage gaps, and improvement initiatives to uplift the Vulnerability Management service
• Develop and present the VM metrics, reports and service highlights to the business and IT stakeholders
• Act as the lead during actively exploited or critical severity vulnerabilities being identified, lead the development of the vulnerability response plan and oversee the implementation of it
  
  
  

• Managing the VM Team in the aspects of continuous Infrastructure Vulnerability Scanning & Configuration Compliance (for Platforms, Database, Networks and Voice), Penetration Testing and Scanning for Application & Infrastructure Security and Development, Security & Operations (DevSecOps), through hiring, training, coaching, objective setting and performance management of team members
• Managing the external service providers and product vendors, ensuring the appropriate service level performance is established, monitored and met
• Provide oversight on the handling of vulnerabilities identified, ensuring appropriate priority is given to effectively remediate the vulnerabilities within the agreed timelines
• Ensure the relevant and adequate coverage of vulnerability intelligence, to assess the vulnerabilities in the Club’s context and the external threat landscape
• Ensure the vulnerability management services provided for applications (incl. DevSecOps) and infrastructure are operating effectively
• Continuously identify control and coverage gaps, and improvement initiatives to uplift the Vulnerability Management service
• Develop and present the VM metrics, reports and service highlights to the business and IT stakeholders
• Act as the lead during actively exploited or critical severity vulnerabilities being identified, lead the development of the vulnerability response plan and oversee the implementation of it
  
  
  

• Degree in Computer Science, Information Security, and/or related discipline
• 12 years or more of working experience in the related field, with at least 5 years in the Vulnerability Management domain across various disciplines, including leading and managing teams
• Strong experience covering Vulnerability Management services and required operating procedures
• High degree of logical and analytical thinking skills, particularly on the different categories of vulnerabilities and how they work
• Strong service and customer-focused approach to the service being delivered
• Excellent interpersonal, collaborative and communication skills
• Well-disciplined with exemplary professional competence and integrity
• Experience with the following services and technologies – Vulnerability Assessment, DevSecOps, Pen-Testing, Secure Code Review, Attack Surface Management, Red Team
• Industry-recognised certification in one or more of the following – CISSP, CISM, etc.
  
  
  

• Seniority level Mid-Senior level

• Employment type Full-time

• Job function Engineering and Information Technology
• Industries Non-profit Organizations

Referrals increase your chances of interviewing at The Hong Kong Jockey Club by 2x

Get notified about new Senior Technical Manager jobs in Sha Tin District, Hong Kong SAR .

Sha Tin District, Hong Kong SAR 1 day ago

Sha Tin District, Hong Kong SAR 17 hours ago

Tsim Sha Tsui, Hong Kong SAR 3 months ago

Sha Tin District, Hong Kong SAR 2 weeks ago

Shek Pik, Hong Kong SAR HK$40,000.00-HK$70,000.00 1 month ago

Islands District, Hong Kong SAR 8 months ago

Kwai Tsing District, Hong Kong SAR 3 days ago

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

2 days ago Be among the first 25 applicants

We're seeking a Regional Vulnerability Management Project Coordinator to lead the APAC vulnerability management initiatives. In this role, you'll transform raw security data into actionable insights while ensuring flawless execution of global cybersecurity standards across local implementations.

Main Responsibilities

Program Coordination

• Support the regional execution of the global vulnerability and compliance management program
• Establish and maintain project governance frameworks for IT Operations departments
• Oversee end-to-end vulnerability operations (scoping, scanning, reporting, stakeholder coordination)

Stakeholder & Remediation Management

• Partner with local teams to optimize organizational processes and remediation workflows
• Govern Business IT departments' vulnerability remediation activities
• Assess and mitigate security risks from vulnerabilities and compliance gaps
• Deliver regular updates to global/regional stakeholders, including C-level executives
• Provide field insights to the Programme Lead to shape APAC strategy

Training & Enablement

• Develop training materials and conduct awareness sessions on VM tools/reports
• Drive adoption of vulnerability management procedures across stakeholders
• Translate technical findings into actionable business recommendations

Qualifications & Experience

• 5-7 years of hands-on vulnerability management experience, including comprehensive understanding of vulnerability assessment lifecycle (scanning, analysis, prioritization, remediation tracking) and interpretation of security findings across platforms.
• Proficiency in data visualization tools (PowerBI, Tableau) for security reporting
• Demonstrated success managing complex, cross-functional security initiatives
• Exceptional communication skills with ability to present to technical and executive audiences
• Strong attention to detail with ability to maintain accuracy in fast-paced environments
• Knowledge of Qualys, Nexpose, or similar vulnerability assessment platforms is good to have.
• Financial services or highly regulated industry experience is preferred but not mandatory.
• Relevant certifications are a plus (CISSP, CISM, CRISC)

• Seniority level Mid-Senior level

• Employment type Full-time

• Job function Information Technology
• Industries IT Services and IT Consulting, Financial Services, and Banking

Referrals increase your chances of interviewing at We+ Asia by 2x

Central & Western District, Hong Kong SAR 3 weeks ago

Wan Chai District, Hong Kong SAR 3 weeks ago

Central & Western District, Hong Kong SAR 9 months ago

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

Join to apply for the Senior Technical Manager, Vulnerability Management role at The Hong Kong Jockey Club

1 day ago Be among the first 25 applicants

Join to apply for the Senior Technical Manager, Vulnerability Management role at The Hong Kong Jockey Club

Get AI-powered advice on this job and more exclusive features.

• Managing the VM Team in the aspects of continuous Infrastructure Vulnerability Scanning & Configuration Compliance (for Platforms, Database, Networks and Voice), Penetration Testing and Scanning for Application & Infrastructure Security and Development, Security & Operations (DevSecOps), through hiring, training, coaching, objective setting and performance management of team members
• Managing the external service providers and product vendors, ensuring the appropriate service level performance is established, monitored and met
• Provide oversight on the handling of vulnerabilities identified, ensuring appropriate priority is given to effectively remediate the vulnerabilities within the agreed timelines
• Ensure the relevant and adequate coverage of vulnerability intelligence, to assess the vulnerabilities in the Club’s context and the external threat landscape
• Ensure the vulnerability management services provided for applications (incl. DevSecOps) and infrastructure are operating effectively
• Continuously identify control and coverage gaps, and improvement initiatives to uplift the Vulnerability Management service
• Develop and present the VM metrics, reports and service highlights to the business and IT stakeholders
• Act as the lead during actively exploited or critical severity vulnerabilities being identified, lead the development of the vulnerability response plan and oversee the implementation of it
  

• Managing the VM Team in the aspects of continuous Infrastructure Vulnerability Scanning & Configuration Compliance (for Platforms, Database, Networks and Voice), Penetration Testing and Scanning for Application & Infrastructure Security and Development, Security & Operations (DevSecOps), through hiring, training, coaching, objective setting and performance management of team members
• Managing the external service providers and product vendors, ensuring the appropriate service level performance is established, monitored and met
• Provide oversight on the handling of vulnerabilities identified, ensuring appropriate priority is given to effectively remediate the vulnerabilities within the agreed timelines
• Ensure the relevant and adequate coverage of vulnerability intelligence, to assess the vulnerabilities in the Club’s context and the external threat landscape
• Ensure the vulnerability management services provided for applications (incl. DevSecOps) and infrastructure are operating effectively
• Continuously identify control and coverage gaps, and improvement initiatives to uplift the Vulnerability Management service
• Develop and present the VM metrics, reports and service highlights to the business and IT stakeholders
• Act as the lead during actively exploited or critical severity vulnerabilities being identified, lead the development of the vulnerability response plan and oversee the implementation of it
  

• Degree in Computer Science, Information Security, and/or related discipline
• 12 years or more of working experience in the related field, with at least 5 years in the Vulnerability Management domain across various disciplines, including leading and managing teams
• Strong experience covering Vulnerability Management services and required operating procedures
• High degree of logical and analytical thinking skills, particularly on the different categories of vulnerabilities and how they work
• Strong service and customer-focused approach to the service being delivered
• Excellent interpersonal, collaborative and communication skills
• Well-disciplined with exemplary professional competence and integrity
• Experience with the following services and technologies – Vulnerability Assessment, DevSecOps, Pen-Testing, Secure Code Review, Attack Surface Management, Red Team
• Industry-recognised certification in one or more of the following – CISSP, CISM, etc.
  

• Seniority level Mid-Senior level

• Employment type Full-time

• Job function Engineering and Information Technology
• Industries Non-profit Organizations

Referrals increase your chances of interviewing at The Hong Kong Jockey Club by 2x

Get notified about new Senior Technical Manager jobs in Sha Tin District, Hong Kong SAR .

Sha Tin District, Hong Kong SAR 1 day ago

Sha Tin District, Hong Kong SAR 17 hours ago

Tsim Sha Tsui, Hong Kong SAR 3 months ago

Sha Tin District, Hong Kong SAR 2 weeks ago

Shek Pik, Hong Kong SAR HK$40,000.00-HK$70,000.00 1 month ago

Islands District, Hong Kong SAR 8 months ago

Kwai Tsing District, Hong Kong SAR 3 days ago

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

Join to apply for the Senior / System Administration Manager role at Bank of China (Hong Kong) .

This position involves managing data centre IT infrastructure, hardware maintenance, procurement processes, vendor negotiations, and asset management. The role requires working outside normal hours upon management request.

Responsibilities include:

• Handling data centre IT infrastructure and hardware maintenance contracts
• Providing advice and due diligence in RFQ, tendering, and procurement
• Supervising procurement to ensure efficiency and policy compliance
• Evaluating procurement proposals and liaising with vendors
• Vendor management and performance evaluation
• Inventory and asset management of data centres
• IT equipment management including maintenance, installation, and cabling

Requirements:

• Degree in IT, Computer Studies, or related field
• At least 3 years' banking experience, preferably with data centres
• Understanding of retail banking operations
• Excellent interpersonal and communication skills
• Proficiency in English and Chinese, knowledge of Microsoft Office

We offer competitive remuneration and benefits. Interested candidates should apply online via our website. Data collected is for recruitment purposes only. If you do not hear from us within 8 weeks, consider your application unsuccessful.

Join to apply for the Senior / System Administration Manager role at Bank of China (Hong Kong) .

This position involves managing data centre IT infrastructure, hardware maintenance, procurement processes, vendor negotiations, and asset management. The role requires working outside normal hours upon management request.

Responsibilities include:

• Handling data centre IT infrastructure and hardware maintenance contracts
• Providing advice and due diligence in RFQ, tendering, and procurement
• Supervising procurement to ensure efficiency and policy compliance
• Evaluating procurement proposals and liaising with vendors
• Vendor management and performance evaluation
• Inventory and asset management of data centres
• IT equipment management including maintenance, installation, and cabling

Requirements:

• Degree in IT, Computer Studies, or related field
• At least 3 years' banking experience, preferably with data centres
• Understanding of retail banking operations
• Excellent interpersonal and communication skills
• Proficiency in English and Chinese, knowledge of Microsoft Office

We offer competitive remuneration and benefits. Interested candidates should apply online via our website. Data collected is for recruitment purposes only. If you do not hear from us within 8 weeks, consider your application unsuccessful.

Join to apply for the Senior / System Administration Manager (Cloud) role at Bank of China (Hong Kong) .

• Manage and monitor the private Cloud environment, including compute, storage, and networking resources. Provide 24x7 support for Cloud infrastructure systems.
• Implement and maintain Cloud automation and orchestration tools to improve efficiency and scalability.
• Ensure high availability, disaster recovery, and data protection for critical Cloud-based applications and services.
• Troubleshoot and resolve complex Cloud-related issues in a timely manner.
• Collaborate with development, security, and other IT teams to ensure seamless integration and security of Cloud services.
• Provide technical guidance and training to application developers/operators on Cloud-related processes and procedures.

• Bachelor's degree in Computer Science, Information Technology, or a related field.
• 2+ years of experience in Cloud system administration.
• Exposure to Red Hat OpenShift, Containers, Ansible, Elasticsearch, Grafana, Prometheus, Huawei HCS, MySQL, and Redis.
• Strong understanding of Cloud platforms with experience in compute, networking, storage, backup/recovery, and virtualization.
• Stay up-to-date with the latest Cloud technologies, best practices, and industry trends.
• Self-motivated and able to work under pressure.
• Excellent troubleshooting and problem-solving skills.
• Good communication skills in both Chinese and English; knowledge of Mandarin is a plus.
• Experience in the financial industry and understanding of banking system architecture is preferred.

This job posting is active. Interested candidates are encouraged to apply online through our website . Data collected will be used solely for recruitment purposes. If you do not hear back within 8 weeks, your application will be considered unsuccessful, and your data will be destroyed within 12 months.

Join to apply for the Senior / System Administration Manager (Cloud) role at Bank of China (Hong Kong) .

• Manage and monitor the private Cloud environment, including compute, storage, and networking resources. Provide 24x7 support for Cloud infrastructure systems.
• Implement and maintain Cloud automation and orchestration tools to improve efficiency and scalability.
• Ensure high availability, disaster recovery, and data protection for critical Cloud-based applications and services.
• Troubleshoot and resolve complex Cloud-related issues in a timely manner.
• Collaborate with development, security, and other IT teams to ensure seamless integration and security of Cloud services.
• Provide technical guidance and training to application developers/operators on Cloud-related processes and procedures.

• Bachelor's degree in Computer Science, Information Technology, or a related field.
• 2+ years of experience in Cloud system administration.
• Exposure to Red Hat OpenShift, Containers, Ansible, Elasticsearch, Grafana, Prometheus, Huawei HCS, MySQL, and Redis.
• Strong understanding of Cloud platforms with experience in compute, networking, storage, backup/recovery, and virtualization.
• Stay up-to-date with the latest Cloud technologies, best practices, and industry trends.
• Self-motivated and able to work under pressure.
• Excellent troubleshooting and problem-solving skills.
• Good communication skills in both Chinese and English; knowledge of Mandarin is a plus.
• Experience in the financial industry and understanding of banking system architecture is preferred.

This job posting is active. Interested candidates are encouraged to apply online through our website. Data collected will be used solely for recruitment purposes. If you do not hear back within 8 weeks, your application will be considered unsuccessful, and your data will be destroyed within 12 months.