22 Patch Management jobs in Hong Kong

Patch Management Lead

$900000 - $1200000 Y Automated Systems (HK) Ltd

Posted today

Job Viewed

Tap Again To Close

Job Description

Key Responsibilities
  • Interface with client Operation Leads on vulnerability reporting and escalation.
  • Manage vulnerability performance, resource planning, and service improvements.
  • Report monthly progress with metrics and remediation status.
  • Prioritize urgent patch deployment based on risk and business criticality.
  • Support SCCM operations, including software deployment and patch processes.
  • Coordinate mass patch deployment and manage offline device updates.
  • Collaborate with cross-functional teams and provide technical guidance.
  • Participate in monthly reviews and support emergency patching as needed.
Required Qualifications
  • Bachelor's degree in Computer Science, IT, Engineering, or related field.
  • Relevant security certifications (CISSP, CEH, SANS GIAC) preferred.
  • 5+ years in vulnerability management or similar security role.
  • 3+ years of experience with SCCM administration.
  • 2+ years in a leadership role managing patch programs.
  • Proficient in vulnerability scanning tools and PowerShell scripting.
  • Strong analytical, project management, and communication skills.
  • Ability to work under pressure and manage critical incidents.
This advertiser has chosen not to accept applicants from your region.

Vulnerability Management

$900000 - $1200000 Y Robert Walters (HK) Ltd

Posted today

Job Viewed

Tap Again To Close

Job Description

  • Join a reputable organisation at the forefront of cyber security, offering exposure to advanced technologies and complex environments.

  • Oversee the continuous scanning of infrastructure for vulnerabilities and ensure configuration compliance across platforms, databases, networks, and voice systems.

  • Lead penetration testing activities for both application and infrastructure security, ensuring robust defences against emerging threats.
  • Manage the delivery of DevSecOps services by guiding secure development practices and integrating security into operations workflows.
  • Directly supervise team members through hiring, training, coaching, setting objectives, and performance management to foster a collaborative and high-performing environment.
  • Coordinate with external service providers and product vendors to establish, monitor, and maintain agreed service levels for vulnerability management.
  • Provide oversight on the identification and remediation of vulnerabilities, ensuring timely resolution according to established priorities.
  • Assess vulnerability intelligence in relation to both internal systems and the broader external threat landscape to inform risk-based decision making.
  • Continuously identify gaps in controls or coverage within vulnerability management processes and propose initiatives for service enhancement.
  • Develop comprehensive metrics, reports, and service highlights for presentation to business stakeholders and IT leadership.
  • Act as the lead during incidents involving actively exploited or critical vulnerabilities by developing response plans and overseeing their implementation.

What you bring:

  • A degree in Computer Science, Information Security or a related discipline provides you with a strong academic foundation for this role.
  • Twelve years or more of relevant experience in information security roles ensures you bring deep industry knowledge.
  • At least five years' hands-on experience specifically within vulnerability management demonstrates your subject matter expertise across multiple disciplines.
  • Proven track record in leading teams through hiring, training, coaching, objective setting, and performance management fosters a collaborative work environment.
  • Comprehensive understanding of vulnerability management services including operating procedures enables effective oversight of critical functions.
  • Exceptional logical thinking skills allow you to analyse different categories of vulnerabilities with precision.
  • A customer-focused approach ensures that all services delivered meet high standards of quality and responsiveness.
  • Excellent interpersonal skills support effective communication with both technical teams and business stakeholders alike.
  • Experience with key technologies such as Vulnerability Assessment tools, DevSecOps methodologies, Penetration Testing frameworks, Secure Code Review processes, Attack Surface Management solutions, and Red Team exercises enhances your technical toolkit.
  • Holding industry-recognised certifications such as CISSP or CISM further validates your expertise.
This advertiser has chosen not to accept applicants from your region.

Vulnerability Management

$1200000 - $2400000 Y Pinpoint Asia

Posted today

Job Viewed

Tap Again To Close

Job Description

Pinpoint Asia is representing one of Hong Kong's most respected and technologically complex institutions. Our client is a leader in its field, investing heavily in building a world-class cyber defense function to protect critical assets and data.

We are looking for a strategic, hands-on leader to take full ownership of their Vulnerability Management and Offensive Security program. This is a high-impact role where you will shape the strategy, lead a specialist team, and act as the ultimate authority on identifying and mitigating security weaknesses across the enterprise.

The Opportunity: What You'll Command

This is not a typical operational role. You will be empowered to build, run, and innovate a comprehensive security program. You will be the central commander for threat and vulnerability management, from integrating security into the development pipeline (DevSecOps) to leading the charge during zero-day incidents.

Your mission is to proactively reduce the organization's attack surface by leading a multi-faceted function that includes:

  • Team Leadership: Build, mentor, and lead a high-caliber team of security specialists responsible for scanning, testing, and analysis.
  • Strategic Oversight: Own the entire lifecycle for vulnerabilities across infrastructure, applications, databases, and networks.
  • Vendor & Service Management: Command relationships with external partners for specialized services like Red Teaming and advanced penetration testing, ensuring top-tier performance and value.
  • Incident Command: Act as the designated lead for responding to critical, actively exploited vulnerabilities, orchestrating rapid enterprise-wide remediation efforts.

The Core Mission: Your Key Accountabilities

  • Drive a Proactive Security Posture: Evolve and manage a sophisticated program covering continuous vulnerability scanning, configuration compliance, and attack surface management.
  • Champion DevSecOps: Spearhead the integration of security into the CI/CD pipeline. Embed automated tools (SAST, DAST, SCA) and secure coding practices to find and fix flaws early in the development process.
  • Lead Offensive Security Operations: Oversee all penetration testing (application and infrastructure), secure code reviews, and advanced adversarial simulations (Red Teaming) to rigorously test the organization's defenses.
  • Deliver Actionable Intelligence: Develop a robust vulnerability intelligence capability that contextualizes global threats to the firm's specific environment. Prioritize remediation based on genuine business risk, not just raw CVSS scores.
  • Communicate with Impact: Develop and present compelling metrics, risk reports, and strategic roadmaps to C-level executives and key business stakeholders, translating complex technical data into clear business impact.

The Ideal Profile

We are looking for a seasoned cybersecurity leader with a "player-coach" mentality. You have deep technical credibility combined with proven management experience.

  • Experience: 12+ years in cybersecurity, with at least 5 years in a leadership role focused on Vulnerability Management, Application Security, or Offensive Security.
  • Technical Mastery: Deep, practical expertise across the modern security toolkit. You must understand the "how" and "why" behind:
  • Vulnerability Management Platforms: Tenable, Qualys, Rapid7, etc.
  • DevSecOps & AppSec Tools: SAST, DAST, SCA, IAST integrated into developer workflows.
  • Offensive Security Methodologies: Penetration Testing, Red Teaming, MITRE ATT&CK Framework.
  • Modern IT Environments: Cloud (AWS/Azure), containerization, and complex enterprise networks.
  • Strategic & Analytical Mindset: You can dissect complex vulnerabilities, assess exploitability, and map technical findings to tangible business risks.
  • Leadership & Influence: You have a proven ability to manage technical teams and to communicate effectively with stakeholders at all levels, from engineers to executives.
  • Credentials: A degree in Computer Science, Information Security, or a related discipline. Industry certifications such as CISSP or CISM are highly desirable.
  • If this outstanding opportunity sounds like your next career move, please submit your resume in Word format via the Quick Apply Button.
This advertiser has chosen not to accept applicants from your region.

Vulnerability Management Lead

Kerry Consulting

Posted 14 days ago

Job Viewed

Tap Again To Close

Job Description

Overview

We are seeking a strategic and hands-on Vulnerability Management Lead to lead our client's vulnerability management program. This role is responsible for designing, implementing, and continuously improving our vulnerability identification, assessment, and remediation processes to reduce risk across our enterprise environment.

You will work closely with stakeholders across IT, Security Operations, Governance, Risk & Compliance (GRC), and Application Development to ensure timely and effective remediation of vulnerabilities, while also establishing metrics, governance frameworks, and reporting mechanisms to track risk reduction and program effectiveness.

We would be open to relocating candidates to Hong Kong for this role.

Responsibilities
  • Lead the end-to-end vulnerability management lifecycle, including identification, prioritization, remediation, and reporting of vulnerabilities across infrastructure, applications, cloud, and endpoint environments.
  • Define and implement vulnerability management strategy and roadmap, aligning with overall cybersecurity goals and risk posture.
  • Develop and maintain governance frameworks, including policies, standards, and procedures related to vulnerability scanning, assessment, and remediation.
  • Coordinate vulnerability scanning and threat intelligence tools (e.g., Qualys, Tenable, Rapid7, etc.) to ensure accurate and timely detection.
  • Establish strong collaboration with Infrastructure, DevOps, Cloud, and Application Security teams to drive timely and risk-based remediation of vulnerabilities.
  • Report on vulnerability management metrics, trends, and risk indicators to senior leadership and stakeholders, including compliance with internal SLAs and regulatory obligations.
  • Stay current with emerging threats, vulnerabilities, and industry best practices to evolve the program proactively.
  • Lead or participate in vulnerability-related incident response efforts, root cause analysis, and lessons learned.
  • Oversee vulnerability assessments and penetration testing activities, whether internally executed or via third-party vendors.
  • Engage with auditors and regulators as needed to demonstrate controls and effectiveness of the vulnerability management program.
Requirements
  • Bachelor's or Master's degree in Cybersecurity, Computer Science, Information Systems, or related field.
  • 10+ years of experience in information security, with at least 5 years in vulnerability management with recent leadership experience.
  • Proven experience building and scaling vulnerability management programs in a complex enterprise.
  • Strong understanding of risk-based vulnerability prioritization, CVSS scoring, threat intelligence integration, and exploitability context.
  • Hands-on experience with common tools: Qualys, Tenable, Rapid7, Nexpose, Burp Suite, etc.
  • Familiarity with frameworks and standards such as NIST, CIS Controls, ISO 27001, and relevant regulatory requirements.
How to apply

If you're interested to apply or find out more, please share your CV or reach out to Chen Yi at for a discussion. Due to anticipated high volume of applications, we regret to inform that only shortlisted candidates will be notified.

Reg: R

Lic: 16S8060

Seniority level
  • Mid-Senior level
  • Employment type
    1. Full-time
    Job function
    1. Information Technology
    Industries
    1. Information Services

    Referrals increase your chances of interviewing at Kerry Consulting by 2x

    Get notified about new Security Professional jobs in Hong Kong, Hong Kong SAR .

    We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

    #J-18808-Ljbffr
    This advertiser has chosen not to accept applicants from your region.

    Vulnerability Management Lead

    Hong Kong, Hong Kong Kerry Consulting

    Posted 4 days ago

    Job Viewed

    Tap Again To Close

    Job Description

    Overview

    We are seeking a strategic and hands-on Vulnerability Management Lead to lead our client's vulnerability management program. This role is responsible for designing, implementing, and continuously improving our vulnerability identification, assessment, and remediation processes to reduce risk across our enterprise environment.

    You will work closely with stakeholders across IT, Security Operations, Governance, Risk & Compliance (GRC), and Application Development to ensure timely and effective remediation of vulnerabilities, while also establishing metrics, governance frameworks, and reporting mechanisms to track risk reduction and program effectiveness.

    We would be open to relocating candidates to Hong Kong for this role.

    Responsibilities
    • Lead the end-to-end vulnerability management lifecycle, including identification, prioritization, remediation, and reporting of vulnerabilities across infrastructure, applications, cloud, and endpoint environments.
    • Define and implement vulnerability management strategy and roadmap, aligning with overall cybersecurity goals and risk posture.
    • Develop and maintain governance frameworks, including policies, standards, and procedures related to vulnerability scanning, assessment, and remediation.
    • Coordinate vulnerability scanning and threat intelligence tools (e.g., Qualys, Tenable, Rapid7, etc.) to ensure accurate and timely detection.
    • Establish strong collaboration with Infrastructure, DevOps, Cloud, and Application Security teams to drive timely and risk-based remediation of vulnerabilities.
    • Report on vulnerability management metrics, trends, and risk indicators to senior leadership and stakeholders, including compliance with internal SLAs and regulatory obligations.
    • Stay current with emerging threats, vulnerabilities, and industry best practices to evolve the program proactively.
    • Lead or participate in vulnerability-related incident response efforts, root cause analysis, and lessons learned.
    • Oversee vulnerability assessments and penetration testing activities, whether internally executed or via third-party vendors.
    • Engage with auditors and regulators as needed to demonstrate controls and effectiveness of the vulnerability management program.
    Requirements
    • Bachelor's or Master's degree in Cybersecurity, Computer Science, Information Systems, or related field.
    • 10+ years of experience in information security, with at least 5 years in vulnerability management with recent leadership experience.
    • Proven experience building and scaling vulnerability management programs in a complex enterprise.
    • Strong understanding of risk-based vulnerability prioritization, CVSS scoring, threat intelligence integration, and exploitability context.
    • Hands-on experience with common tools: Qualys, Tenable, Rapid7, Nexpose, Burp Suite, etc.
    • Familiarity with frameworks and standards such as NIST, CIS Controls, ISO 27001, and relevant regulatory requirements.
    How to apply

    If you're interested to apply or find out more, please share your CV or reach out to Chen Yi at for a discussion. Due to anticipated high volume of applications, we regret to inform that only shortlisted candidates will be notified.

    Reg: R

    Lic: 16S8060

    Seniority level
  • Mid-Senior level
  • Employment type
    • Full-time
    Job function
    • Information Technology
    Industries
    • Information Services

    Referrals increase your chances of interviewing at Kerry Consulting by 2x

    Get notified about new Security Professional jobs in Hong Kong, Hong Kong SAR .

    We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

    #J-18808-Ljbffr
    This advertiser has chosen not to accept applicants from your region.

    Vulnerability Management & Offensive Security Lead

    Pinpoint Asia

    Posted 8 days ago

    Job Viewed

    Tap Again To Close

    Job Description

    Vulnerability Management & Offensive Security Lead

    Pinpoint Asia is representing one of Hong Kong's most respected and technologically complex institutions. Our client is a leader in its field, investing heavily in building a world-class cyber defense function to protect critical assets and data.

    We are looking for a strategic, hands-on leader to take full ownership of their Vulnerability Management and Offensive Security program. This is a high-impact role where you will shape the strategy, lead a specialist team, and act as the ultimate authority on identifying and mitigating security weaknesses across the enterprise.

    The Opportunity: What You'll Command

    This is not a typical operational role. You will be empowered to build, run, and innovate a comprehensive security program. You will be the central commander for threat and vulnerability management, from integrating security into the development pipeline (DevSecOps) to leading the charge during zero-day incidents.

    Your mission is to proactively reduce the organization's attack surface by leading a multi-faceted function that includes:

    • Team Leadership: Build, mentor, and lead a high-caliber team of security specialists responsible for scanning, testing, and analysis.
    • Strategic Oversight: Own the entire lifecycle for vulnerabilities across infrastructure, applications, databases, and networks.
    • Vendor & Service Management: Command relationships with external partners for specialized services like Red Teaming and advanced penetration testing, ensuring top-tier performance and value.
    • Incident Command: Act as the designated lead for responding to critical, actively exploited vulnerabilities, orchestrating rapid enterprise-wide remediation efforts.
    The Core Mission: Your Key Accountabilities
    • Drive a Proactive Security Posture: Evolve and manage a sophisticated program covering continuous vulnerability scanning, configuration compliance, and attack surface management.
    • Champion DevSecOps: Spearhead the integration of security into the CI/CD pipeline. Embed automated tools (SAST, DAST, SCA) and secure coding practices to find and fix flaws early in the development process.
    • Lead Offensive Security Operations: Oversee all penetration testing (application and infrastructure), secure code reviews, and advanced adversarial simulations (Red Teaming) to rigorously test the organization's defenses.
    • Deliver Actionable Intelligence: Develop a robust vulnerability intelligence capability that contextualizes global threats to the firm’s specific environment. Prioritize remediation based on genuine business risk, not just raw CVSS scores.
    • Communicate with Impact: Develop and present compelling metrics, risk reports, and strategic roadmaps to C-level executives and key business stakeholders, translating complex technical data into clear business impact.
    The Ideal Profile

    We are looking for a seasoned cybersecurity leader with a "player-coach" mentality. You have deep technical credibility combined with proven management experience.

    • Experience: 12+ years in cybersecurity, with at least 5 years in a leadership role focused on Vulnerability Management, Application Security, or Offensive Security.
    • Technical Mastery: Deep, practical expertise across the modern security toolkit. You must understand the "how" and "why" behind:
    • DevSecOps & AppSec Tools: SAST, DAST, SCA, IAST integrated into developer workflows.
    • Offensive Security Methodologies: Penetration Testing, Red Teaming, MITRE ATT&CK Framework.
    • Modern IT Environments: Cloud (AWS/Azure), containerization, and complex enterprise networks.
    • Strategic & Analytical Mindset: You can dissect complex vulnerabilities, assess exploitability, and map technical findings to tangible business risks.
    • Leadership & Influence: You have a proven ability to manage technical teams and to communicate effectively with stakeholders at all levels, from engineers to executives.
    • Credentials: A degree in Computer Science, Information Security, or a related discipline. Industry certifications such as CISSP or CISM are highly desirable.
    Details
    • Seniority level: Mid-Senior level
    • Employment type: Full-time
    • Job function: Information Technology and Management
    • Industries: Information Services

    We’re not including extraneous job postings or site notices here. This description focuses on the role and qualifications for the Vulnerability Management & Offensive Security Lead.

    #J-18808-Ljbffr
    This advertiser has chosen not to accept applicants from your region.

    Infrastructure Vulnerability Management Project Coordinator

    $600000 - $1200000 Y ADECCO

    Posted today

    Job Viewed

    Tap Again To Close

    Job Description

    Our client is a large scales MNC banking, they are looking for an Infrastructure Vulnerability Management Project Coordinator to join their team.

    RESPONSIBILITIES

    • Co-ordinate with the regional stream of the global vulnerability and compliance management project
    • Assist in the establishment of the project's governance in the region for all departments under IT Operations perimeter (improvement, new Process or Procedures)
    • Oversee operations such as scoping, scanning, reporting, coordinating with stakeholders
    • Partner with & manage local stakeholders to ensure organizational and procedural efficiency
    • Oversee & support the Business IT departments' remediation activities governance
    • Assess, report and address the security risks arising from vulnerabilities & compliance deviations
    • Report closely to Programme Lead for IVM and align actions and activities with the overall vision and plans for APAC IVM, provide feedbacks and suggestions collected on the field
    • Report regularly to global, regional & local stakeholders including C-level status of the project
    • Organize and Animate training and awareness sessions with regional and local stakeholders on IVM tools and reports available to them
    • Draft training and awareness materials to strengthen further the stakeholders adoption and engagement with IVM tools, reports and procedures
    • Animate the IVM Project Task Force and extended contributors on behalf of the Programme Lead

    REQUIREMENTS:

    • Bachelor's degree in Computer Science, Information Systems, or related field
    • 5+ years of experience in IT security with a focus on vulnerability and compliance management
    • 3+ years of experience in a leadership or management role
    • Proven experience on Vulnerability Management activities in Financial Institution environment;
    • Technical knowledge and hands on experience with vulnerability management products
    • Visualization tools hands on experience is a plus (ClickView, Tableau, PowerBI, …)
    • Professional credentials in Security & Risk Management disciplines is a plus (CISSP, CISM, CRISC, CEH, etc.)
    • Deep understanding of vulnerability assessment and remediation methodologies
    • Thorough knowledge of vulnerability management tools (e.g. Qualys, Nexpose, Tanium Comply)
    • Proficient in infrastructure security best practices, technologies and security concepts
    • Program and project management expertise, capacity to lead hybrid project methodologies
    • Advanced skills on MS PowerPoint
    • Familiarity with security compliance frameworks such as PCI-DSS, ISO 27001, etc

    Interested parties, please send CV to , For any further discussion.

    Please note that only short listed candidates will be notified. All information gathered will be treated in strict confidence and solely used for recruitment purposes.

    This advertiser has chosen not to accept applicants from your region.
    Be The First To Know

    About the latest Patch management Jobs in Hong Kong !

    Infrastructure Vulnerability Management Project Coordinator

    $90000 - $120000 Y Optimum Solutions (S) Pte. Ltd.

    Posted today

    Job Viewed

    Tap Again To Close

    Job Description

    Job Title - Infrastructure Vulnerability Management Project Co Ordinator

    Direct responsibilities:

    Co-ordinate with the regional stream of the global vulnerability and compliance management project

    Assist in the establishment of the project's governance in the region for all departments under IT Operations perimeter (improvement, new Process or Procedures)

    Oversee operations such as scoping, scanning, reporting, coordinating with stakeholders

    Partner with & manage local stakeholders to ensure organizational and procedural efficiency

    Oversee & support the Business IT departments' remediation activities governance

    Assess, report and address the security risks arising from vulnerabilities & compliance deviations

    Report closely to Programme Lead for IVM and align actions and activities with the overall vision and plans for APAC IVM, provide feedbacks and suggestions collected on the field

    Report regularly to global, regional & local stakeholders including C-level status of the project

    Organize and Animate training and awareness sessions with regional and local stakeholders on IVM tools and reports available to them

    Draft training and awareness materials to strengthen further the stakeholders adoption and engagement with IVM tools, reports and procedures

    Animate the IVM Project Task Force and extended contributors on behalf of the Programme Lead

    Contributing Responsibilities:

    Develop and maintain relationships with all projects stakeholders, including local, regional and global IT teams, business IT teams, Security Risk Management teams and C-level

    Improve the efficiency of global procedures for Vulnerability & Compliance management

    Contribute to the Bank compliance with regulatory requirements and internal policies

    Provide guidance and support for IT infrastructure projects related to vulnerability management

    Contribute to the control frameworks in day‐to‐day business activities, such as Control Plans, Participation in Audit interview and preparation and delivery of requested evidences

    Participate in daily stand-up and other Scrum rituals for the IVM tools supporting the activities

    Provide and consolidate BAU and Project KPI progress for the IVM APAC SteerCo

    Review and assist in Visualization reports evolutions to support IVM-related remediations effort in APAC

    Technical & Behavioral Competencies

    Technical

    Deep understanding of vulnerability assessment and remediation methodologies

    Thorough knowledge of vulnerability management tools (e.g. Qualys, Nexpose, Tanium Comply)

    Proficient in infrastructure security best practices, technologies and security concepts

    Program and project management expertise, capacity to lead hybrid project methodologies

    Advanced skills on MS PowerPoint Familiarity with security compliance frameworks such as PCI-DSS, ISO 27001, etc.

    Behavioral

    Excellent interpersonal and communication skills; ability to influence and motivate

    Strong leadership and project management skills

    Strong teamwork and collaboration skills

    Successful people management experience

    Strong problem-solving and analytical skills

    Specific Qualifications (if required)

    Bachelor's degree in Computer Science, Information Systems, or related field

    5+ years of experience in IT security with a focus on vulnerability and compliance management

    3+ years of experience in a leadership or management role

    Proven experience on Vulnerability Management activities in Financial Institution environment;

    Technical knowledge and hands on experience with vulnerability management products

    Visualization tools hands on experience is a plus (ClickView, Tableau, PowerBI, …)

    Professional credentials in Security & Risk Management disciplines is a plus (CISSP, CISM, CRISC, CEH, etc.)

    Interested candidates may apply to this job post.

    All applications applied through our system will be delivered directly to the advertiser and privacy of personal data of the applicant will be ensured with security.

    Full-time

    This advertiser has chosen not to accept applicants from your region.

    Infrastructure Vulnerability Management Project Coordinator

    $900000 - $1200000 Y The Adecco Group

    Posted today

    Job Viewed

    Tap Again To Close

    Job Description

    Our client is a large scales MNC banking, they are looking for an Infrastructure Vulnerability Management Project Coordinator to join their team.

    RESPONSIBILITIES

    • Co-ordinate with the regional stream of the global vulnerability and compliance management project
    • Assist in the establishment of the project's governance in the region for all departments under IT Operations perimeter (improvement, new Process or Procedures)
    • Oversee operations such as scoping, scanning, reporting, coordinating with stakeholders
    • Partner with & manage local stakeholders to ensure organizational and procedural efficiency
    • Oversee & support the Business IT departments' remediation activities governance
    • Assess, report and address the security risks arising from vulnerabilities & compliance deviations
    • Report closely to Programme Lead for IVM and align actions and activities with the overall vision and plans for APAC IVM, provide feedbacks and suggestions collected on the field
    • Report regularly to global, regional & local stakeholders including C-level status of the project
    • Organize and Animate training and awareness sessions with regional and local stakeholders on IVM tools and reports available to them
    • Draft training and awareness materials to strengthen further the stakeholders adoption and engagement with IVM tools, reports and procedures
    • Animate the IVM Project Task Force and extended contributors on behalf of the Programme Lead

    REQUIREMENTS:

    • Bachelor's degree in Computer Science, Information Systems, or related field
    • 5+ years of experience in IT security with a focus on vulnerability and compliance management
    • 3+ years of experience in a leadership or management role
    • Proven experience on Vulnerability Management activities in Financial Institution environment;
    • Technical knowledge and hands on experience with vulnerability management products
    • Visualization tools hands on experience is a plus (ClickView, Tableau, PowerBI, …)
    • Professional credentials in Security & Risk Management disciplines is a plus (CISSP, CISM, CRISC, CEH, etc.)
    • Deep understanding of vulnerability assessment and remediation methodologies
    • Thorough knowledge of vulnerability management tools (e.g. Qualys, Nexpose, Tanium Comply)
    • Proficient in infrastructure security best practices, technologies and security concepts
    • Program and project management expertise, capacity to lead hybrid project methodologies
    • Advanced skills on MS PowerPoint
    • Familiarity with security compliance frameworks such as PCI-DSS, ISO 27001, etc

    Please note that only short listed candidates will be notified. All information gathered will be treated in strict confidence and solely used for recruitment purposes

    This advertiser has chosen not to accept applicants from your region.

    Infrastructure Vulnerability Management Project Coordinator

    $60000 - $120000 Y Optimum Solutions (Hong Kong) Limited

    Posted today

    Job Viewed

    Tap Again To Close

    Job Description

    Job Title- Infrastructure Vulnerability Management Project Co Ordinator

    Direct responsibilities:

    • Co-ordinate with the regional stream of the global vulnerability and compliance management project
    • Assist in the establishment of the project's governance in the region for all departments under IT Operations perimeter (improvement, new Process or Procedures)
    • Oversee operations such as scoping, scanning, reporting, coordinating with stakeholders
    • Partner with & manage local stakeholders to ensure organizational and procedural efficiency
    • Oversee & support the Business IT departments' remediation activities governance
    • Assess, report and address the security risks arising from vulnerabilities & compliance deviations
    • Report closely to Programme Lead for IVM and align actions and activities with the overall vision and plans for APAC IVM, provide feedbacks and suggestions collected on the field
    • Report regularly to global, regional & local stakeholders including C-level status of the project
    • Organize and Animate training and awareness sessions with regional and local stakeholders on IVM tools and reports available to them
    • Draft training and awareness materials to strengthen further the stakeholders adoption and engagement with IVM tools, reports and procedures
    • Animate the IVM Project Task Force and extended contributors on behalf of the Programme Lead

    Contributing Responsibilities:

    • Develop and maintain relationships with all projects stakeholders, including local, regional and global IT teams, business IT teams, Security Risk Management teams and C-level
    • Improve the efficiency of global procedures for Vulnerability & Compliance management
    • Contribute to the Bank compliance with regulatory requirements and internal policies
    • Provide guidance and support for IT infrastructure projects related to vulnerability management
    • Contribute to the control frameworks in day‐to‐day business activities, such as Control Plans, Participation in Audit interview and preparation and delivery of requested evidences
    • Participate in daily stand-up and other Scrum rituals for the IVM tools supporting the activities
    • Provide and consolidate BAU and Project KPI progress for the IVM APAC SteerCo
    • Review and assist in Visualization reports evolutions to support IVM-related remediations effort in APAC

    Technical & Behavioral Competencies

    Technical

    • Deep understanding of vulnerability assessment and remediation methodologies
    • Thorough knowledge of vulnerability management tools (e.g. Qualys, Nexpose, Tanium Comply)
    • Proficient in infrastructure security best practices, technologies and security concepts
    • Program and project management expertise, capacity to lead hybrid project methodologies
    • Advanced skills on MS PowerPoint Familiarity with security compliance frameworks such as PCI-DSS, ISO 27001, etc.

    Behavioral

    • Excellent interpersonal and communication skills; ability to influence and motivate
    • Strong leadership and project management skills
    • Strong teamwork and collaboration skills
    • Successful people management experience
    • Strong problem-solving and analytical skills

    Specific Qualifications (if required)

    • Bachelor's degree in Computer Science, Information Systems, or related field
    • 5+ years of experience in IT security with a focus on vulnerability and compliance management
    • 3+ years of experience in a leadership or management role
    • Proven experience on Vulnerability Management activities in Financial Institution environment;
    • Technical knowledge and hands on experience with vulnerability management products
    • Visualization tools hands on experience is a plus (ClickView, Tableau, PowerBI, …)
    • Professional credentials in Security & Risk Management disciplines is a plus (CISSP, CISM, CRISC, CEH, etc.)

    Interested candidates may apply to this job post.

    This advertiser has chosen not to accept applicants from your region.
     

    Nearby Locations

    Other Jobs Near Me

    Industry

    1. request_quote Accounting
    2. work Administrative
    3. eco Agriculture Forestry
    4. smart_toy AI & Emerging Technologies
    5. school Apprenticeships & Trainee
    6. apartment Architecture
    7. palette Arts & Entertainment
    8. directions_car Automotive
    9. flight_takeoff Aviation
    10. account_balance Banking & Finance
    11. local_florist Beauty & Wellness
    12. restaurant Catering
    13. volunteer_activism Charity & Voluntary
    14. science Chemical Engineering
    15. child_friendly Childcare
    16. foundation Civil Engineering
    17. clean_hands Cleaning & Sanitation
    18. diversity_3 Community & Social Care
    19. construction Construction
    20. brush Creative & Digital
    21. currency_bitcoin Crypto & Blockchain
    22. support_agent Customer Service & Helpdesk
    23. medical_services Dental
    24. medical_services Driving & Transport
    25. medical_services E Commerce & Social Media
    26. school Education & Teaching
    27. electrical_services Electrical Engineering
    28. bolt Energy
    29. local_mall Fmcg
    30. gavel Government & Non Profit
    31. emoji_events Graduate
    32. health_and_safety Healthcare
    33. beach_access Hospitality & Tourism
    34. groups Human Resources
    35. precision_manufacturing Industrial Engineering
    36. security Information Security
    37. handyman Installation & Maintenance
    38. policy Insurance
    39. code IT & Software
    40. gavel Legal
    41. sports_soccer Leisure & Sports
    42. inventory_2 Logistics & Warehousing
    43. supervisor_account Management
    44. supervisor_account Management Consultancy
    45. supervisor_account Manufacturing & Production
    46. campaign Marketing
    47. build Mechanical Engineering
    48. perm_media Media & PR
    49. local_hospital Medical
    50. local_hospital Military & Public Safety
    51. local_hospital Mining
    52. medical_services Nursing
    53. local_gas_station Oil & Gas
    54. biotech Pharmaceutical
    55. checklist_rtl Project Management
    56. shopping_bag Purchasing
    57. home_work Real Estate
    58. person_search Recruitment Consultancy
    59. store Retail
    60. point_of_sale Sales
    61. science Scientific Research & Development
    62. wifi Telecoms
    63. psychology Therapy
    64. pets Veterinary
    View All Patch Management Jobs