155 Security Analysts jobs in Hong Kong

Key Responsibilities:

• Monitor and analyze security alerts and incidents to identify potential threats.
• Assist in conducting vulnerability assessments and penetration testing.
• Support the implementation of security measures and protocols.
• Maintain and update security documentation, including incident reports and risk assessments.
• Collaborate with IT teams to ensure compliance with security standards and best practices.
• Participate in security awareness training for staff.
• Stay up-to-date with the latest security trends and technologies.

Qualifications:

• Bachelor's degree in Cyber Security, Information Technology, or a related field (or equivalent experience).
• Basic understanding of network security concepts, firewalls, and intrusion detection systems.
• Familiarity with security tools and technologies (e.g., SIEM, antivirus, encryption).
• Strong analytical and problem-solving skills.
• Excellent communication and teamwork abilities.
• Relevant certifications (e.g., CompTIA Security+, CEH) are a plus.
• Cantonese is a must

Job Description:

• Minimum of 2 years of experience in information security or a similar role.
• Strong understanding of information security principles, standards, and best practices.
• General knowledge in industry regulations and framework such as NIST Cybersecurity Framework, ISO27001 or PCI DSS.
• Experience with security assessment tools and techniques.
• Knowledge in network and system security, including firewalls, intrusion detection/prevention systems, and endpoint protection.
• Strong communication and interpersonal skills, with the ability to effectively collaborate with cross-functional teams.
• Relevant certifications such as CISSP, CISM, or CEH are desirable.

About PureSoftware:

PureSoftware, a wholly owned subsidiary of Happiest Minds Technologies, is a global software products and digital services company. PureSoftware has been driving transformation for the world's top organizations across various industry verticals, including banking, financial services, and insurance, life sciences and healthcare, high tech and communications, retail and logistics, and gaming and entertainment. Arttha, from PureSoftware, is a globally trusted financial technology platform.

PureSoftware is Great Place to Work Certified in India for the third consecutive year

You can visit our website

Role Summary:

• Seeking a skilled Information Security professional to join our team.
• The candidate will focus on policy development, vulnerability management, incident response, and SOC analysis.

Key Responsibilities:

• Policy Development:

• Formulate and enforce security policies, standards, and guidelines.

• Ensure all practices align with industry regulations and best practices.

• Vulnerability Management:

• Conduct routine assessments to identify potential weaknesses in systems and applications.

• Collaborate with IT teams to address identified vulnerabilities.
• Develop and uphold vulnerability management protocols.

• Incident Response:

• Engage in technical response activities during security incidents.

• Create and maintain incident response plans and documentation.
• Analyze incidents post-event and compile lessons learned.
• Educate staff through training sessions on incident handling best practices.

• SOC Analyst Responsibilities:

• Monitor security events and incidents using various security tools, including SIEM.

• Investigate and respond to security incidents promptly.
• Conduct threat hunting to identify potential security breaches.

Qualifications:

• Bachelor's degree in fields such as computer science, information systems, or related disciplines.
• Security certifications like CISSP, CISM, or equivalent are highly desirable.
• 2-5 years of experience in information security within a dynamic, multi-site enterprise environment.
• Familiarity with regulatory compliance and security frameworks.
• Strong understanding of threat management and incident handling processes.
• Excellent communication skills in English, both written and verbal.

Ideal Candidate:

• A collaborative team player with a proactive approach to security challenges.
• Ability to articulate complex security concepts to diverse audiences.
• Strong analytical skills and a passion for continuous learning in the field of information security.

Job Description:

• Minimum of 2 years of experience in information security or a similar role.
• Strong understanding of information security principles, standards, and best practices.
• General knowledge in industry regulations and framework such as NIST Cybersecurity Framework, ISO27001 or PCI DSS.
• Experience with security assessment tools and techniques.
• Knowledge in network and system security, including firewalls, intrusion detection/prevention systems, and endpoint protection.
• Strong communication and interpersonal skills, with the ability to effectively collaborate with cross-functional teams.
• Relevant certifications such as CISSP, CISM, or CEH are desirable.

PureSoftware, a wholly owned subsidiary of Happiest Minds Technologies, is a global software products and digital services company. PureSoftware has been driving transformation for the world’s top organizations across various industry verticals, including banking, financial services, and insurance, life sciences and healthcare, high tech and communications, retail and logistics, and gaming and entertainment. Arttha, from PureSoftware, is a globally trusted financial technology platform.

PureSoftware is Great Place to Work Certified in India for the third consecutive year

• Associate

• Full-time

• Information Technology, Other, and Analyst

• Insurance, Banking, and Financial Services

Join to apply for the Information Security Manager role at Michael Page .

1 day ago Be among the first 25 applicants.

Our client is a well-established organization within the financial services sector. With a large workforce and a solid market presence in Hong Kong, they are committed to maintaining high standards in technology and information security.

As a 'Manager, Information Security,' your main responsibilities will include:

• Overseeing the implementation and maintenance of the bank's information security systems.
• Conducting regular audits and risk assessments to ensure adherence to security protocols.
• Developing and implementing information security policies and procedures.
• Training and mentoring staff on information security best practices.
• Conducting cybersecurity assessments, including penetration testing and infrastructure/web application reviews.
• Managing and maintaining security systems such as firewalls, NAC, IPS, and SIEM.
• Leading and coordinating information security projects across departments.
• Managing incident responses and investigations into security breaches.
• Staying updated on the latest trends and developments in information security.
• Reporting on the status of information security to senior management.

A Successful 'Manager, Information Security' Should Have

• A degree in Computer Science, Information Security, or a related field.
• Proven experience in a managerial role within the field of information security.
• Familiarity with information security regulations and standards in the financial services industry.
• Exceptional leadership and communication skills.
• The ability to handle sensitive information with discretion and integrity.

• A competitive salary in the range of HKD 648,000 - HKD 792,000 per annum.
• Standard benefits package.
• The chance to work in a fast-paced, technology-driven environment within the financial services industry.
• Opportunities for career progression and professional development.
• A supportive and collaborative company culture.

We encourage all candidates who believe they can fulfill these responsibilities and possess the necessary qualifications and skills to apply. This is a fantastic opportunity to join a leading financial organization in Hong Kong and make a significant impact in the field of Information Security.

Contact: Alexis Wee

Quote job ref: JN-

• Mid-Senior level

• Full-time

• Information Technology and Engineering

• Financial Services, Accounting, and Banking

Join to apply for the Information Security Manager role at Global Payments Inc. .

Develops and leads one or more of the following highly technical and specialized areas within information security: Security Engineering, Security Architecture, Forensics Analysis, Threat Analysis, Threat Hunting and Penetration Testing. Manages the development, deployment and execution of enterprise security controls and defenses. Monitors, analyzes and exploits system vulnerabilities to detect potential threats. Executes containment, mitigation and protection processes to safeguard against real time threats while maintaining critical documentation and evidence. Determines risk and exposure from security breaches and resolves incidents while providing guidance to business decision-makers.

• Tracks and supports the delivery of information security solutions. Manages the tactical activities of installing and configuring security systems, software and applications. Coordinates responses to intrusions and provide remediation guidance and support.
• Coordinates resources on highly complex development projects including approval of design specifications and scope. Provides input to short-term security technology roadmaps regarding applicability of new technologies. Disseminates updates to InfoSec Architectural policies, standards and guidelines to team members.
• Reviews forensic investigations and analysis of reported cyber incidents to evaluate root cause vectors and necessary control measures needed to prevent future occurrence. Implements appropriate countermeasures to recover deleted, hidden or lost user data.
• Coordinates research and analysis of threat actor profiles and associated indicators to detect potential threats. Implements recommended actions and security tools to identify, monitor and mitigate attacks. Coordinates with external security organizations to exchange threat intelligence.
• Coordinates complex threat assessment to evaluate incident impact and risk exposure. Reviews cyber operations intelligence and/or indications and warnings intelligence products (e.g., threat assessments, briefings, intelligence studies, country studies), and draws conclusions on possible implications or applicability. Guides the threat intelligence collection process to enhance analytical capabilities.
• Manages execution of penetration testing activities on core systems. Articulates the outcome of stimulated attacks and underlying security issues or system weaknesses. Recommends and institutes remediation techniques or improvements to protect and maintain security frameworks and controls.
• Supports the evaluation and selection of security applications and systems. Manages the implementation of access control defenses. Provides quality review on the evaluation and documentation of team procedures. Manages development, deployment and support activities for multiple critical security technologies to include problem resolution and management, application maintenance, project requests and system enhancements.
• Not an exhaustive list; other duties as assigned.

• Bachelor's Degree
• Relevant Experience or Degree in: Information Security or Computer Science preferred. Other majors will be considered.
• Typically a minimum of 6 years
• Related professional experience and prefer a minimum of 1-2 years experience in a supervisory position.
• One or more of the following-CISSP, CISA, CISM, PCI-QSA, PA-QSA, PCIP, CRISC, CGEIT, Certified Forensic Computer Examiner (CFCE), Certified Cyber Threat Analyst (CCTA), Certified Computer Examiner (CCE)

• Prior Global Payments, payment or technology industry experience is preferred.
• Master's Degree in a related field of study from an accredited university.

None Identified

• Seniority level: Mid-Senior level
• Employment type: Full-time
• Job function: Information Technology
• Industries: Financial Services and IT Services and IT Consulting

Get AI-powered advice on this job and more exclusive features.

Join us. Let’s care for tomorrow. At Allianz Global Investors we foster a culture of professionalism, fulfilment, and an inclusive working environment. Do you want to be part of a leading active asset management company? Then join us now as Information Security Architect in Hong Kong within the Information Security team.

• Support of the continuous development and improvement of our global information security programme (including frameworks, processes, and tool sets) with a focus on security architecture and governance
• Conduct Security Architecture reviews based on industry-best practise, including threat modelling of systems and applications in scope as a vehicle to identify and communicate security risks
• Prepare and moderate regional security governance forums and status meetings, having modern and future-proof collaboration models in mind
• Act as a regional security point of conduct for auditors and business partners
• Driving our global security training and phishing exercises and conducting regional security awareness measures as part of our communication concept
• Work closely with a distributed team of Information Security, IAM and Cybersecurity professionals across Asia and Europe

• Deep expertise and proven experience in Information Security Management, including frameworks, regulations and security architecture
• 3-7 years of professional experience in information security/cybersecurity with specific industry qualifications (e.g., CISSP, CISM, CISA)
• Hands-on experience in developing solutions, such as relevant guidelines and operating procedures on the basis of best-practices, business needs and regulatory requirements as well es respective methodologies for control testing
• Experience in the identification of security risks as well as threat modelling based on internationally recognized frameworks, including the advisory on possible mitigating and controlling measures and architectures.
• Proven track record in working with diverse and distributed global teams, as well as excellent communication and interpersonal skills (communicating and reporting sophisticated technical concepts to business and risk partners)
• Experience interacting directly with senior stakeholders (C-Suite, Board and Regulators)
• Experience balancing multiple concurrent projects and priorities communicating and committing to realistic deadlines, showcasing a structured way of working
• Proficiency in English is a must, additional proficiency in Mandarin preferred and additional language skills are a plus

• Balanced work environment: A dynamic office culture that supports flexibility and collaboration
• Securing your future: Access to pension, retirement, and/or savings plans as applicable to the work location
• Shared success: Company share purchasing plan
• Support for what matters: Mental health and wellbeing programs
• Investments in your career: Career opportunities within the entire Allianz Group
• Investments in your skills: Comprehensive learning and development offerings, including certifications and professional qualifications
• … and so much more!

Allianz Global Investors is a leading global active asset manager. We invest for the long term and want to create value for clients every step of the way. We do this by being active – in how we partner with clients and anticipate their needs, and build solutions based on capabilities across public and private markets. Our focus on enhancing our clients’ assets leads naturally to a commitment to sustainability for positive change. Our goal is to enhance the investment experience for clients, whatever their location or goals. Putting our clients' needs first, behaving in a transparent way and treating people fairly means acting with integrity. We encourage a collegial culture, that supports individual responsibility. We invest in the development of our employees to maximize the power of innovation. We at Allianz believe in a diverse and inclusive workforce, we are committed to the principles of Equal Employment Opportunity and to helping applicants with any disabilities. We encourage you to bring your whole self to work, no matter where you are from, what you look like, who you love or what you believe in. We therefore welcome applications regardless of ethnicity or cultural background, age, gender, nationality, religion, disability or sexual orientation.

If you feel inspired to promote the active asset management experience, this is the place for you. Join our diverse, international, technology-enabled, and agile environment. Simply upload your CV in English to apply for this position! If you need support to navigate our websites or at any stage during your application, please send an email with your request to

To Recruitment Agencies Allianz Global Investors has an in-house recruitment team that sources great candidates directly. Therefore, Allianz Global Investors does not accept unsolicited resumes from agency or search firm recruiters. When we do work with recruitment agencies, that engagement is formalized by a contract. Fees will only be paid when there is a contract in place. Without a contract in place, we will not accept invoices on unsolicited resumes, even if the candidate was ultimately employed by Allianz Global Investors. Finally, please do not contact hiring managers directly.

Location: Sha Tin District, Hong Kong SAR; Job type: Full-Time | Permanent

Job Description:

1. Support and maintain Information Security Management System (ISMS) in accordance with the standard of ISO 27001
2. Ensure the accuracy of the ISMS documentation, develop and maintain information security policies, processes and procedures, design and deliver information security training and awareness programs
3. Undertake information security control assessments, identify and monitor information security risks, threats and vulnerabilities
4. Facilitate and coordinate external compliance audits and ensure audit findings are actioned as required
5. Frequent business trip to mainland China
6. 3-5 years working experience in Information Security
7. Familiar with key frameworks such as ISO 27001

Job Responsibilities:

• Responsible for managing information security and infrastructure systems to ensure the smooth operation of all enterprise systems and network
• Support day-to-day monitoring and control of information security program, systems, configuration, patching and backup
• Assist in conducting risk assessment and information security review of internal operations, vulnerability assessments and tests for enterprise continuous improvement
• Assist in developing and continuously improve the information security issues and resolve the audit findings
• Coordinate implementation and validation of information security controls
• Monitor and assess information security violations incidents and responses
• Troubleshooting and provide technical support for information security solutions
• Assist in preparing training materials to promote information security awareness across the enterprise
• Maintain up-to-date inventory on infrastructure equipment and software
• Perform other duties as assigned by the supervisors

Requirements:

• Degree holder in Information Technology, Computer Science or related disciplines
• Holder of CISSP, CISA, CCNA, MCSE or relevant certification preferred
• 2+ years relevant working experience on information security, infrastructure maintenance and technical support
• Experience in developing and implementing information security control process, hands-on working experience in Microsoft Windows Server, Linux, Networking, Firewall, Antivirus, VMware and System Hardening
• Knowledge of ISO27001 or Risk Management is a plus
• Positive, responsible, able to work independently and maintain confidentiality
• Fresh graduates and willing to learn will also be considered