62 Security Analysts jobs in Hong Kong

Join to apply for the Information Security Manager role at Michael Page .

1 day ago Be among the first 25 applicants.

Our client is a well-established organization within the financial services sector. With a large workforce and a solid market presence in Hong Kong, they are committed to maintaining high standards in technology and information security.

As a 'Manager, Information Security,' your main responsibilities will include:

• Overseeing the implementation and maintenance of the bank's information security systems.
• Conducting regular audits and risk assessments to ensure adherence to security protocols.
• Developing and implementing information security policies and procedures.
• Training and mentoring staff on information security best practices.
• Conducting cybersecurity assessments, including penetration testing and infrastructure/web application reviews.
• Managing and maintaining security systems such as firewalls, NAC, IPS, and SIEM.
• Leading and coordinating information security projects across departments.
• Managing incident responses and investigations into security breaches.
• Staying updated on the latest trends and developments in information security.
• Reporting on the status of information security to senior management.

A Successful 'Manager, Information Security' Should Have

• A degree in Computer Science, Information Security, or a related field.
• Proven experience in a managerial role within the field of information security.
• Familiarity with information security regulations and standards in the financial services industry.
• Exceptional leadership and communication skills.
• The ability to handle sensitive information with discretion and integrity.

• A competitive salary in the range of HKD 648,000 - HKD 792,000 per annum.
• Standard benefits package.
• The chance to work in a fast-paced, technology-driven environment within the financial services industry.
• Opportunities for career progression and professional development.
• A supportive and collaborative company culture.

We encourage all candidates who believe they can fulfill these responsibilities and possess the necessary qualifications and skills to apply. This is a fantastic opportunity to join a leading financial organization in Hong Kong and make a significant impact in the field of Information Security.

Contact: Alexis Wee

Quote job ref: JN-

• Mid-Senior level

• Full-time

• Information Technology and Engineering

• Financial Services, Accounting, and Banking

Join to apply for the Information Security Manager role at Global Payments Inc. .

Develops and leads one or more of the following highly technical and specialized areas within information security: Security Engineering, Security Architecture, Forensics Analysis, Threat Analysis, Threat Hunting and Penetration Testing. Manages the development, deployment and execution of enterprise security controls and defenses. Monitors, analyzes and exploits system vulnerabilities to detect potential threats. Executes containment, mitigation and protection processes to safeguard against real time threats while maintaining critical documentation and evidence. Determines risk and exposure from security breaches and resolves incidents while providing guidance to business decision-makers.

• Tracks and supports the delivery of information security solutions. Manages the tactical activities of installing and configuring security systems, software and applications. Coordinates responses to intrusions and provide remediation guidance and support.
• Coordinates resources on highly complex development projects including approval of design specifications and scope. Provides input to short-term security technology roadmaps regarding applicability of new technologies. Disseminates updates to InfoSec Architectural policies, standards and guidelines to team members.
• Reviews forensic investigations and analysis of reported cyber incidents to evaluate root cause vectors and necessary control measures needed to prevent future occurrence. Implements appropriate countermeasures to recover deleted, hidden or lost user data.
• Coordinates research and analysis of threat actor profiles and associated indicators to detect potential threats. Implements recommended actions and security tools to identify, monitor and mitigate attacks. Coordinates with external security organizations to exchange threat intelligence.
• Coordinates complex threat assessment to evaluate incident impact and risk exposure. Reviews cyber operations intelligence and/or indications and warnings intelligence products (e.g., threat assessments, briefings, intelligence studies, country studies), and draws conclusions on possible implications or applicability. Guides the threat intelligence collection process to enhance analytical capabilities.
• Manages execution of penetration testing activities on core systems. Articulates the outcome of stimulated attacks and underlying security issues or system weaknesses. Recommends and institutes remediation techniques or improvements to protect and maintain security frameworks and controls.
• Supports the evaluation and selection of security applications and systems. Manages the implementation of access control defenses. Provides quality review on the evaluation and documentation of team procedures. Manages development, deployment and support activities for multiple critical security technologies to include problem resolution and management, application maintenance, project requests and system enhancements.
• Not an exhaustive list; other duties as assigned.

• Bachelor's Degree
• Relevant Experience or Degree in: Information Security or Computer Science preferred. Other majors will be considered.
• Typically a minimum of 6 years
• Related professional experience and prefer a minimum of 1-2 years experience in a supervisory position.
• One or more of the following-CISSP, CISA, CISM, PCI-QSA, PA-QSA, PCIP, CRISC, CGEIT, Certified Forensic Computer Examiner (CFCE), Certified Cyber Threat Analyst (CCTA), Certified Computer Examiner (CCE)

• Prior Global Payments, payment or technology industry experience is preferred.
• Master's Degree in a related field of study from an accredited university.

None Identified

• Seniority level: Mid-Senior level
• Employment type: Full-time
• Job function: Information Technology
• Industries: Financial Services and IT Services and IT Consulting

Get AI-powered advice on this job and more exclusive features.

Join us. Let’s care for tomorrow. At Allianz Global Investors we foster a culture of professionalism, fulfilment, and an inclusive working environment. Do you want to be part of a leading active asset management company? Then join us now as Information Security Architect in Hong Kong within the Information Security team.

• Support of the continuous development and improvement of our global information security programme (including frameworks, processes, and tool sets) with a focus on security architecture and governance
• Conduct Security Architecture reviews based on industry-best practise, including threat modelling of systems and applications in scope as a vehicle to identify and communicate security risks
• Prepare and moderate regional security governance forums and status meetings, having modern and future-proof collaboration models in mind
• Act as a regional security point of conduct for auditors and business partners
• Driving our global security training and phishing exercises and conducting regional security awareness measures as part of our communication concept
• Work closely with a distributed team of Information Security, IAM and Cybersecurity professionals across Asia and Europe

• Deep expertise and proven experience in Information Security Management, including frameworks, regulations and security architecture
• 3-7 years of professional experience in information security/cybersecurity with specific industry qualifications (e.g., CISSP, CISM, CISA)
• Hands-on experience in developing solutions, such as relevant guidelines and operating procedures on the basis of best-practices, business needs and regulatory requirements as well es respective methodologies for control testing
• Experience in the identification of security risks as well as threat modelling based on internationally recognized frameworks, including the advisory on possible mitigating and controlling measures and architectures.
• Proven track record in working with diverse and distributed global teams, as well as excellent communication and interpersonal skills (communicating and reporting sophisticated technical concepts to business and risk partners)
• Experience interacting directly with senior stakeholders (C-Suite, Board and Regulators)
• Experience balancing multiple concurrent projects and priorities communicating and committing to realistic deadlines, showcasing a structured way of working
• Proficiency in English is a must, additional proficiency in Mandarin preferred and additional language skills are a plus

• Balanced work environment: A dynamic office culture that supports flexibility and collaboration
• Securing your future: Access to pension, retirement, and/or savings plans as applicable to the work location
• Shared success: Company share purchasing plan
• Support for what matters: Mental health and wellbeing programs
• Investments in your career: Career opportunities within the entire Allianz Group
• Investments in your skills: Comprehensive learning and development offerings, including certifications and professional qualifications
• … and so much more!

Allianz Global Investors is a leading global active asset manager. We invest for the long term and want to create value for clients every step of the way. We do this by being active – in how we partner with clients and anticipate their needs, and build solutions based on capabilities across public and private markets. Our focus on enhancing our clients’ assets leads naturally to a commitment to sustainability for positive change. Our goal is to enhance the investment experience for clients, whatever their location or goals. Putting our clients' needs first, behaving in a transparent way and treating people fairly means acting with integrity. We encourage a collegial culture, that supports individual responsibility. We invest in the development of our employees to maximize the power of innovation. We at Allianz believe in a diverse and inclusive workforce, we are committed to the principles of Equal Employment Opportunity and to helping applicants with any disabilities. We encourage you to bring your whole self to work, no matter where you are from, what you look like, who you love or what you believe in. We therefore welcome applications regardless of ethnicity or cultural background, age, gender, nationality, religion, disability or sexual orientation.

If you feel inspired to promote the active asset management experience, this is the place for you. Join our diverse, international, technology-enabled, and agile environment. Simply upload your CV in English to apply for this position! If you need support to navigate our websites or at any stage during your application, please send an email with your request to

To Recruitment Agencies Allianz Global Investors has an in-house recruitment team that sources great candidates directly. Therefore, Allianz Global Investors does not accept unsolicited resumes from agency or search firm recruiters. When we do work with recruitment agencies, that engagement is formalized by a contract. Fees will only be paid when there is a contract in place. Without a contract in place, we will not accept invoices on unsolicited resumes, even if the candidate was ultimately employed by Allianz Global Investors. Finally, please do not contact hiring managers directly.

Location: Sha Tin District, Hong Kong SAR; Job type: Full-Time | Permanent

Join to apply for the Information Security Manager role at Michael Page .

1 day ago Be among the first 25 applicants.

Our client is a well-established organization within the financial services sector. With a large workforce and a solid market presence in Hong Kong, they are committed to maintaining high standards in technology and information security.

As a 'Manager, Information Security,' your main responsibilities will include:

• Overseeing the implementation and maintenance of the bank's information security systems.
• Conducting regular audits and risk assessments to ensure adherence to security protocols.
• Developing and implementing information security policies and procedures.
• Training and mentoring staff on information security best practices.
• Conducting cybersecurity assessments, including penetration testing and infrastructure/web application reviews.
• Managing and maintaining security systems such as firewalls, NAC, IPS, and SIEM.
• Leading and coordinating information security projects across departments.
• Managing incident responses and investigations into security breaches.
• Staying updated on the latest trends and developments in information security.
• Reporting on the status of information security to senior management.

A Successful 'Manager, Information Security' Should Have

• A degree in Computer Science, Information Security, or a related field.
• Proven experience in a managerial role within the field of information security.
• Familiarity with information security regulations and standards in the financial services industry.
• Exceptional leadership and communication skills.
• The ability to handle sensitive information with discretion and integrity.

• A competitive salary in the range of HKD 648,000 - HKD 792,000 per annum.
• Standard benefits package.
• The chance to work in a fast-paced, technology-driven environment within the financial services industry.
• Opportunities for career progression and professional development.
• A supportive and collaborative company culture.

We encourage all candidates who believe they can fulfill these responsibilities and possess the necessary qualifications and skills to apply. This is a fantastic opportunity to join a leading financial organization in Hong Kong and make a significant impact in the field of Information Security.

Contact: Alexis Wee

Quote job ref: JN-

• Mid-Senior level

• Full-time

• Information Technology and Engineering

• Financial Services, Accounting, and Banking

Join to apply for the Information Security Manager role at Global Payments Inc. .

Develops and leads one or more of the following highly technical and specialized areas within information security: Security Engineering, Security Architecture, Forensics Analysis, Threat Analysis, Threat Hunting and Penetration Testing. Manages the development, deployment and execution of enterprise security controls and defenses. Monitors, analyzes and exploits system vulnerabilities to detect potential threats. Executes containment, mitigation and protection processes to safeguard against real time threats while maintaining critical documentation and evidence. Determines risk and exposure from security breaches and resolves incidents while providing guidance to business decision-makers.

• Tracks and supports the delivery of information security solutions. Manages the tactical activities of installing and configuring security systems, software and applications. Coordinates responses to intrusions and provide remediation guidance and support.
• Coordinates resources on highly complex development projects including approval of design specifications and scope. Provides input to short-term security technology roadmaps regarding applicability of new technologies. Disseminates updates to InfoSec Architectural policies, standards and guidelines to team members.
• Reviews forensic investigations and analysis of reported cyber incidents to evaluate root cause vectors and necessary control measures needed to prevent future occurrence. Implements appropriate countermeasures to recover deleted, hidden or lost user data.
• Coordinates research and analysis of threat actor profiles and associated indicators to detect potential threats. Implements recommended actions and security tools to identify, monitor and mitigate attacks. Coordinates with external security organizations to exchange threat intelligence.
• Coordinates complex threat assessment to evaluate incident impact and risk exposure. Reviews cyber operations intelligence and/or indications and warnings intelligence products (e.g., threat assessments, briefings, intelligence studies, country studies), and draws conclusions on possible implications or applicability. Guides the threat intelligence collection process to enhance analytical capabilities.
• Manages execution of penetration testing activities on core systems. Articulates the outcome of stimulated attacks and underlying security issues or system weaknesses. Recommends and institutes remediation techniques or improvements to protect and maintain security frameworks and controls.
• Supports the evaluation and selection of security applications and systems. Manages the implementation of access control defenses. Provides quality review on the evaluation and documentation of team procedures. Manages development, deployment and support activities for multiple critical security technologies to include problem resolution and management, application maintenance, project requests and system enhancements.
• Not an exhaustive list; other duties as assigned.

• Bachelor's Degree
• Relevant Experience or Degree in: Information Security or Computer Science preferred. Other majors will be considered.
• Typically a minimum of 6 years
• Related professional experience and prefer a minimum of 1-2 years experience in a supervisory position.
• One or more of the following-CISSP, CISA, CISM, PCI-QSA, PA-QSA, PCIP, CRISC, CGEIT, Certified Forensic Computer Examiner (CFCE), Certified Cyber Threat Analyst (CCTA), Certified Computer Examiner (CCE)

• Prior Global Payments, payment or technology industry experience is preferred.
• Master's Degree in a related field of study from an accredited university.

None Identified

• Seniority level: Mid-Senior level
• Employment type: Full-time
• Job function: Information Technology
• Industries: Financial Services and IT Services and IT Consulting

2 days ago Be among the first 25 applicants

We are seeking a highly capable and experienced professional with approximately 10 years of experience in cybersecurity governance, and IT audit and security assessment support. This role focuses on leading security assessments in collaboration with technical teams, reviewing and translating technical findings into clear and impactful reports for clients, regulators, and senior management. The ideal candidate will possess strong analytical skills, excellent communication abilities, and a solid understanding of security controls across various technology domains.

Your Role

• Lead and coordinate security assessments across infrastructure, applications, and cloud environments, working closely with technical SMEs.
• Interface with technical teams to understand control implementation and translate findings into governance insights.
• Prepare high-quality security reports and presentations tailored for client and senior stakeholders.
• Support responses to client and regulatory security inquiries, ensuring accuracy, clarity, and timely delivery.
• Support the development of security reporting and risk metrics
• Contribute to the development and refinement of security policies, standards, and procedures.
• Support audit and assessment activities, including evidence collection and coordination with internal teams.
• Promote security awareness and contribute to training initiatives across the organization.

To Succeed in this Role

• Minimum 10 years of experience in cybersecurity governance, technology risk, or audit-related roles.
• Strong understanding of security controls across infrastructure, application, and cloud domains.
• Proven ability to work with technical teams and translate technical content into business-friendly reporting.
• Experience in preparing client-facing documentation and presentations.
• Excellent written and verbal communication skills in English.
• Familiarity with regulatory frameworks and standards (e.g., ISO 27001, NIST, CIS).
• Relevant certifications such as CISM, CRISC, ISO 27001 Lead Implementer, or equivalent are preferred.

Preferred Attributes

• Experience in regulated industries such as finance, healthcare, or insurance.
• Strong stakeholder engagement and coordination skills.
• Detail-oriented with a proactive and structured approach to governance.
• Familiarity with GRC

• Seniority level Mid-Senior level

• Employment type Full-time

• Job function Information Technology
• Industries Software Development, Information Services, and Technology, Information and Media

Referrals increase your chances of interviewing at PCCW by 2x

Get notified about new Information Security Specialist jobs in Hong Kong, Hong Kong SAR .

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

Overview

Join to apply for the Chief Information Security Officer role at EX.IO .

• Develop and execute cybersecurity strategy for trading platforms and blockchain systems.
• Lead security team, overseeing threat prevention, incident response, and risk assessments.
• Ensure compliance with SFC Cybersecurity Guidelines and global standards (e.g., ISO 27001).
• Monitor and mitigate cyber threats (e.g., DDoS, phishing, wallet breaches).
• Enforce security policies and conduct employee training on secure practices.
• Evaluate emerging technologies (e.g., zero-trust, AI threat detection) for platform resilience.

• Bachelor’s/Master’s in Cybersecurity, IT, or related field; CISSP/CISM preferred.
• 8+ years in cybersecurity, 3+ years in leadership, ideally in fintech/blockchain.
• Expertise in securing trading platforms, wallets, and smart contracts.
• Knowledge of SFC regulations and global frameworks (e.g., NIST, GDPR).
• Strong leadership and communication skills; English fluency, Mandarin/Cantonese a plus.
• Proactive, strategic thinker thriving in a fast-paced environment.

• Executive

• Full-time

• Information Technology

• Blockchain Services

Join to apply for the Lead, Information Security Assurance role at AXA Hong Kong and Macau

2 days ago Be among the first 25 applicants

Join to apply for the Lead, Information Security Assurance role at AXA Hong Kong and Macau

• Provide professional security advisory and recommendations on solutions architecture, business project requirements, and security related enquiry.
• Develop and maintain security policies and process documentation. Ensure alignment with Corporate Security standards and controls.
• Conduct security risk assessment on technology solutions and/or technical controls to identify potential security threats and vulnerabilities and develop strategies to mitigate risks. Maintain security risk register, and communicate identified risks and impacts to stakeholders.
• Conduct security assessment and ISO audit and managing the exercise from end-to-end.
• Support external security audits and compliance assessments, devising mitigation measures to effectively address findings.
• Oversee security incident management and support the first line to ensure timely detection, response, and resolution of security incidents.
• Periodically review and update security policies and operational processes for security control enhancement.
• Prepare management reports for the Chief Security Officer and the Management team.
  
  

• Provide professional security advisory and recommendations on solutions architecture, business project requirements, and security related enquiry.
• Develop and maintain security policies and process documentation. Ensure alignment with Corporate Security standards and controls.
• Conduct security risk assessment on technology solutions and/or technical controls to identify potential security threats and vulnerabilities and develop strategies to mitigate risks. Maintain security risk register, and communicate identified risks and impacts to stakeholders.
• Conduct security assessment and ISO audit and managing the exercise from end-to-end.
• Support external security audits and compliance assessments, devising mitigation measures to effectively address findings.
• Oversee security incident management and support the first line to ensure timely detection, response, and resolution of security incidents.
• Periodically review and update security policies and operational processes for security control enhancement.
• Prepare management reports for the Chief Security Officer and the Management team.
  
  

• 5+ years of experience in information security, security risk, or a related area.
• Degree in Information Security, Computer Science, Information Management Systems, or a related field.
• Demonstrated track record in leading and implementing successful information security initiatives and programs.
• Ability to apply analytical rigor to understand complex business scenarios, with strong problem-solving skills and the ability to work independently.
• Excellent presentation and communication skills, with the ability to convey complex security concepts in clear, business-intelligible language.
• Experience working in a multinational organization is advantageous.
• Fluent in English (verbal and written).
• Relevant certifications (e.g., CISSP, CISA, OSCP, CEH, ISO 27001, NIST, or equivalent) are a plus.
  
  

• Seniority level Not Applicable

• Employment type Full-time

• Job function Information Technology
• Industries Insurance

Referrals increase your chances of interviewing at AXA Hong Kong and Macau by 2x

Get notified about new Information Security Specialist jobs in Hong Kong, Hong Kong SAR .

Sha Tin District, Hong Kong SAR 1 day ago

Sha Tin District, Hong Kong SAR 2 weeks ago

Sha Tin District, Hong Kong SAR 1 day ago

Sha Tin District, Hong Kong SAR 2 days ago

Shenzhen, Guangdong, China CN¥45,000.00-CN¥65,000.00 2 years ago

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

Join to apply for the Head of Information Security role at Michael Page .

1 day ago Be among the first 25 applicants.

Our client is a well-established insurance firm, recognized as a large organization in the industry. Operating in a competitive and fast-paced environment, they are heavily focused on technological innovation and security. Their commitment to maintaining the highest standards of information security is one of their top priorities.

As a Head of Information Security , your main responsibilities will include:

1. Defining and implementing the company's information security strategy and roadmap.
2. Developing and maintaining the ISMS based on ISO 27001.
3. Conducting regular information security risk assessments.
4. Ensuring compliance with regulatory requirements related to information security.
5. Managing the information security incident response process.
6. Providing information security training and awareness to all staff.
7. Working closely with the IT department to ensure the security of the IT infrastructure.
8. Reporting to management on information security status and initiatives.

A Successful 'Head Of Information Security' Should Have

• A degree in Information Technology, Computer Science, or a related field.
• Professional certifications such as CISSP, CISM, or CISA.
• Proven experience in developing and managing ISMS based on ISO 27001.
• Strong knowledge of information security principles and practices.
• Ability to conduct information security risk assessments and audits.
• Experience in managing information security incidents.
• Strong communication and leadership skills.

• A competitive salary range of around HKD 1,080,000 to HKD 1,200,000.
• Standard benefits package including health insurance and retirement plans.
• Opportunity to work in a technologically advanced environment.
• A supportive and collaborative work culture.

We are looking for an ambitious and dedicated professional to join our team in this critical role. If you have the necessary skills and experience, we would love to hear from you. Apply today to secure your future in a highly rewarding career in the insurance industry.

Contact: Alexis Wee

Quote job ref: JN-

• Director

• Full-time

• Information Technology and Engineering

• Insurance, Financial Services, and Capital Markets