257 Security Engineer jobs in Hong Kong
Information Security Engineer
Posted today
Job Viewed
Job Description
Job Responsibilities:
- Responsible for managing information security and infrastructure systems to ensure the smooth operation of all enterprise systems and network
- Support day-to-day monitoring and control of information security program, systems, configuration, patching and backup
- Assist in conducting risk assessment and information security review of internal operations, vulnerability assessments and tests for enterprise continuous improvement
- Assist in developing and continuously improve the information security issues and resolve the audit findings
- Coordinate implementation and validation of information security controls
- Monitor and assess information security violations incidents and responses
- Troubleshooting and provide technical support for information security solutions
- Assist in preparing training materials to promote information security awareness across the enterprise
- Maintain up-to-date inventory on infrastructure equipment and software
- Perform other duties as assigned by the supervisors
Requirements:
- Degree holder in Information Technology, Computer Science or related disciplines
- Holder of CISSP, CISA, CCNA, MCSE or relevant certification preferred
- 2+ years relevant working experience on information security, infrastructure maintenance and technical support
- Experience in developing and implementing information security control process, hands-on working experience in Microsoft Windows Server, Linux, Networking, Firewall, Antivirus, VMware and System Hardening
- Knowledge of ISO27001 or Risk Management is a plus
- Positive, responsible, able to work independently and maintain confidentiality
- Fresh graduates and willing to learn will also be considered
Information Security Engineer
Posted today
Job Viewed
Job Description
Summary
Description
Summary of This Role
Develops, configures, documents, and maintains information security solutions. Installs and configures web proxies, intrusion detection systems, endpoint monitoring software, and vulnerability scanning systems. Ensures that threats and vulnerabilities to the organization's business systems and applications (both in-house and cloud-based) are minimized. Manages encryption protocols to protect the organization's data as well as management of authentication and access controls. Evaluates information security configurations when intrusions have occurred and monitors the effectiveness of implemented changes. Monitors overall compliance with security standards and conducts periodic security reviews.
What Part Will You Play?
- Works with others in the delivery of secure solutions and/or secure remediation solutions. Supports delivery through focusing on tasks with basic to moderate complexity.
- Works with others to install tools that specifically secure each level within security frame work. Supports delivery through focusing on tasks with basic to moderate complexity.
- Develops awareness of new security technologies and trends while also helping to validate corporate conformance to industry standards utilizing set analysis criteria.
- Provides support for investigating intrusion incidents, conduct forensic investigations and helps others who provide incident responses.
What Are We Looking For in This Role?
Minimum Qualifications
- Bachelor's Degree
- Relevant Experience or Degree in: in Information Security or Computer Science preferred. Other majors will be considered.
- Typically No Related Experience Required
- Although experience is not required for this position, four years related experience may be considered in lieu of a degree.
Preferred Qualifications
- None Identified
What Are Our Desired Skills and Capabilities?
- Skills / Knowledge - Learns to use professional concepts. Applies company policies and procedures to resolve routine issues.
- Job Complexity - Works on problems of limited scope. Follows standard practices and procedures in analyzing situations or data from which answers can be readily obtained. Builds stable working relationships internally.
- Supervision - Normally receives detailed instructions on all work.
- Network Engineering - Is aware of TCP/IP network connectivity, subnet segmentation, security zones, secure ports/protocols, network authentication/authorization, security tools and their applicability (WAF, IPS, Sandbox, etc.).
- Vulnerability testing, risk analyses and security assessments - Knowledge of vulnerability testing, risk analyses and security assessments
- Technical industry acumen - Knowledge of Industry regulatory audit requirements and solutions and Authentication, authorization, and encryption solutions
Information Security Engineer
Posted today
Job Viewed
Job Description
Every day, Global Payments makes it possible for millions of people to move money between buyers and sellers using our payments solutions for credit, debit, prepaid and merchant services. Our worldwide team helps over 3 million companies, more than 1,300 financial institutions and over 600 million cardholders grow with confidence and achieve amazing results. We are driven by our passion for success and we are proud to deliver best-in-class payment technology and software solutions. Join our dynamic team and make your mark on the payments technology landscape of tomorrow.
Summary of This RoleDevelops, configures, documents, and maintains information security solutions. Installs and configures web proxies, intrusion detection systems, endpoint monitoring software, and vulnerability scanning systems. Ensures that threats and vulnerabilities to the organization's business systems and applications (both in-house and cloud-based) are minimized. Manages encryption protocols to protect the organization's data as well as management of authentication and access controls. Evaluates information security configurations when intrusions have occurred and monitors the effectiveness of implemented changes. Monitors overall compliance with security standards and conducts periodic security reviews.
What Part Will You Play?- Works with others in the delivery of secure solutions and/or secure remediation solutions. Supports delivery through focusing on tasks with basic to moderate complexity.
- Works with others to install tools that specifically secure each level within security frame work. Supports delivery through focusing on tasks with basic to moderate complexity.
- Develops awareness of new security technologies and trends while also helping to validate corporate conformance to industry standards utilizing set analysis criteria.
- Provides support for investigating intrusion incidents, conduct forensic investigations and helps others who provide incident responses.
Minimum Qualifications
- Bachelor's Degree
- Relevant Experience or Degree in: in Information Security or Computer Science preferred. Other majors will be considered.
- Typically No Related Experience Required
- Although experience is not required for this position, four years related experience may be considered in lieu of a degree.
Preferred Qualifications
- None Identified
- Skills / Knowledge - Learns to use professional concepts. Applies company policies and procedures to resolve routine issues.
- Job Complexity - Works on problems of limited scope. Follows standard practices and procedures in analyzing situations or data from which answers can be readily obtained. Builds stable working relationships internally.
- Supervision - Normally receives detailed instructions on all work.
- Network Engineering - Is aware of TCP/IP network connectivity, subnet segmentation, security zones, secure ports/protocols, network authentication/authorization, security tools and their applicability (WAF, IPS, Sandbox, etc.).
- Vulnerability testing, risk analyses and security assessments - Knowledge of vulnerability testing, risk analyses and security assessments
- Technical industry acumen - Knowledge of Industry regulatory audit requirements and solutions and Authentication, authorization, and encryption solutions
Global Payments Inc. is an equal opportunity employer. Global Payments provides equal employment opportunities to all employees and applicants for employment without regard to race, color, religion, sex (including pregnancy), national origin, ancestry, age, marital status, sexual orientation, gender identity or expression, disability, veteran status, genetic information or any other basis protected by law. If you wish to request reasonable accommodations related to applying for employment or provide feedback about the accessibility of this website, please contact
Information Security Engineer
Posted today
Job Viewed
Job Description
Our client is a well known company in HK and they are looking for a Information Security Engineer to cope with their business.
Responsibilities:
- ISO 27001 Compliance: Develop, implement, and maintain the Information Security Management System (ISMS) in accordance with ISO 27001 standards.
- Risk Assessment: Conduct regular risk assessments and audits to identify vulnerabilities, threats, and risks to the organization's information assets.
- Policy Development: Create and update security policies, procedures, and guidelines to ensure compliance with regulatory requirements and best practices.
- Incident Response: Manage and respond to security incidents, performing root cause analysis and implementing corrective actions to prevent recurrence.
- Training and Awareness: Develop and deliver training programs to promote security awareness among staff and ensure adherence to security protocols.
Requirements:
- Educational Background: Bachelor's degree in Information Technology, Cybersecurity, or a related field; relevant certifications (e.g., CISSP, CISA, CISM) are advantageous.
- Experience: Minimum of 3-5 years in information security roles with a focus on ISO 27001 compliance and security operations.
- Technical Skills: Proficiency in security frameworks, risk management practices, and incident response methodologies; familiarity with security tools and technologies.
- Analytical Skills: Strong analytical and problem-solving skills to assess security risks and develop effective mitigation strategies.
- Communication Skills: Excellent verbal and written communication skills for reporting security issues and training employees on security practices.
Interested parties, please kindly send your CV to , thanks
Please note that only short listed candidates will be notified. All information gathered will be treated in strict confidence and solely used for recruitment purposes
Information Security Engineer
Posted today
Job Viewed
Job Description
Company Introduction:
*We're home to Asia's most dynamic and vibrant capital markets.
Connecting capital, ideas, inspiration and innovation for deeper, more diverse and liquid global capital markets; providing greater choice and opportunity for our customers, each and every day.
HKEX is a purpose-driven company. Our commitment to the long-term development of our business and our markets is articulated in our purpose: "To Connect, Promote and Progress our Markets and the Communities they support for the prosperity of all."
Job Summary: *
The Information Security Engineer is part of HKEX Information Security function, playing a key role in enhancing the organization security posture. Incumbent is responsible for the design, build, operate and evolve the enterprise IT security solutions to address the organization's security requirements and engaging with key stakeholders to provide critical security services.
Job Duties:
Responsibilities
- Design, deploy, operate, and maintain enterprise security tools and technologies to protect HKEX's IT infrastructure. These include, but are not limited to, Webproxy, IPS, WAF, anti-DDOS platforms, browser isolation tools, and Data Leakage Protection systems.
- Perform daily operational tasks including managing URL whitelist, handling Data Leakage Protection rule exceptions, and updating policies on webproxy and browser isolation tools.
- On-board application systems to WAF and anti-DDOS platforms, monitor and maintain existing security tools to ensure continuous protection and compliance,, and fine-tuning policies.
- Engineer, implement and monitor security measures for the protection of computer systems, networks and information.
- Identify and define system security requirements.
- Design computer security architecture and develop detailed cyber security designs.
- Configure and troubleshoot security systems and infrastructure devices.
- Develop technical solutions and new security tools to help mitigate security vulnerabilities and automate repeatable tasks.
- Maintain all solution design documentation, processes, procedures and report on metrics to demonstrate effective and efficient management of services.
- Work with product vendors and suppliers to maintain and enhance existing security tooling and products.
- Ensure that the organization security tools can detect and help with the response to cyber security incidents.
- Document and validate disaster recovery testing for CyberSecurity tools.
- Write comprehensive reports including assessment-based findings, outcomes and propositions for further system security enhancements.
- Support in managing the Total Cost of Ownership (TCO) for security solutions which includes new investments and business-as-usual financials.
Requirements:
- Hands-on experience or academic exposure to security engineering or system administration.
- Experience in building, maintaining and operating security systems and platforms.
- Hands on experience in at least one of Webproxy, IPS, WAF and anti-DDOS security systems.
- Experience with network security and networking technologies and with system, security, and network monitoring tools.
- Keen on the latest security principles, techniques, and protocols (such as zero trust, etc).
- Must have strong information security technology knowledge/concepts and can effectively communicate with senior management and a broad range of technical/non-technical audiences.
- Strong written communication skills and verbal presentations to internal stakeholders.
- Must have a relevant University degree in Computer Science, Information Management, or related field, or equivalent experience.
- Familiarity with web related technologies (Web applications, Web Services, Service Oriented Architectures) and of network/web related protocols.
- Familiarity with application, database and operating system security.
- Familiarity with cloud security technologies (AWS or Huawei Cloud Stack (HCS) is preferred).
- Familiarity with risk / control frameworks, such as Mitre ATT&CK, D3FEND, OWASP, NIST Cybersecurity Framework.
- Familiarity in scripting (Python) or automation (Ansible) is an advantage.
- Previous experience in regulated environments is an added advantage
- Problem solving skills and ability to work under pressure.
- Candidate with less experience will be also considered.
HKEX is committed as an Equal Opportunity Employer. Diversity is one of our core values and we look to support, respect diverse perspectives, abilities, culture and experiences within our workplace.
Location:
HKEX - TKO
Shift:
Standard - 40 Hours (Hong Kong SAR)
Scheduled Weekly Hours:
40
Worker Type:
Contract
Information Security Engineer
Posted today
Job Viewed
Job Description
Job Responsibilities:
- Responsible for managing information security and infrastructure systems to ensure the smooth operation of all enterprise systems and network
- Support day-to-day monitoring and control of information security program, systems, configuration, patching and backup
- Assist in conducting risk assessment and information security review of internal operations, vulnerability assessments and tests for enterprise continuous improvement
- Assist in developing and continuously improve the information security issues and resolve the audit findings
- Coordinate implementation and validation of information security controls
- Monitor and assess information security violations incidents and responses
- Troubleshooting and provide technical support for information security solutions
- Assist in preparing training materials to promote information security awareness across the enterprise
- Maintain up-to-date inventory on infrastructure equipment and software
- Perform other duties as assigned by the supervisors
Requirements:
- Degree holder in Information Technology, Computer Science or related disciplines
- Holder of CISSP, CISA, CCNA, MCSE or relevant certification preferred
- 2+ years relevant working experience on information security, infrastructure maintenance and technical support
- Experience in developing and implementing information security control process, hands-on working experience in Microsoft Windows Server, Linux, Networking, Firewall, Antivirus, VMware and System Hardening
- Knowledge of ISO27001 or Risk Management is a plus
- Positive, responsible, able to work independently and maintain confidentiality
- Fresh graduates and willing to learn will also be considered
Information Security Engineer
Posted today
Job Viewed
Job Description
Develops, configures, documents, and maintains information security solutions. Installs and configures web proxies, intrusion detection systems, endpoint monitoring software, and vulnerability scanning systems. Ensures that threats and vulnerabilities to the organization's business systems and applications (both in-house and cloud-based) are minimized. Manages encryption protocols to protect the organization's data as well as management of authentication and access controls. Evaluates information security configurations when intrusions have occurred and monitors the effectiveness of implemented changes. Monitors overall compliance with security standards and conducts periodic security reviews.
What Part Will You Play?- Works with others in the delivery of secure solutions and/or secure remediation solutions. Supports delivery through focusing on tasks with basic to moderate complexity.
- Works with others to install tools that specifically secure each level within security frame work. Supports delivery through focusing on tasks with basic to moderate complexity.
- Develops awareness of new security technologies and trends while also helping to validate corporate conformance to industry standards utilizing set analysis criteria.
- Provides support for investigating intrusion incidents, conduct forensic investigations and helps others who provide incident responses.
Minimum Qualifications
- Bachelor's Degree
- Relevant Experience or Degree in: in Information Security or Computer Science preferred. Other majors will be considered.
- 1-4 years related experience may be considered in lieu of a degree.
- Skills / Knowledge - Learns to use professional concepts. Applies company policies and procedures to resolve routine issues.
- Job Complexity - Works on problems of limited scope. Follows standard practices and procedures in analyzing situations or data from which answers can be readily obtained. Builds stable working relationships internally.
- Supervision - Normally receives detailed instructions on all work.
- Network Engineering - Is aware of TCP/IP network connectivity, subnet segmentation, security zones, secure ports/protocols, network authentication/authorization, security tools and their applicability (WAF, IPS, Sandbox, etc.).
- Vulnerability testing, risk analyses and security assessments - Knowledge of vulnerability testing, risk analyses and security assessments
- Technical industry acumen - Knowledge of Industry regulatory audit requirements and solutions and Authentication, authorization, and encryption solutions
Be The First To Know
About the latest Security engineer Jobs in Hong Kong !
Regional Information Security Engineer
Posted today
Job Viewed
Job Description
About the company:
Our client is a leading global professional firm operating in over thirty countries. The Lead Information Security Engineer role's is to safeguard the organization's IT systems and data. This role requires the candidate's active participation in the implementation of security policies and procedures, the monitoring and analysis of security events and the maintenance of security tools. Other responsibilities are to identify, investigate and resolve any security threats, vulnerabilities and incidents. The candidate must keep up to date with the latest security trends, have excellent communication and problem-solving skills and have a deep understanding of security principles and technologies. The individual will have a functional role in mentoring other team members and share the off-hour support responsibilities.
Responsibilities:
- Review, analyze, and monitor security system reports and logs for suspicious activities, trends, and patterns. This includes web filters, mail gateways, firewalls, encryption systems, anti-malware systems, and IDS/IPS.
- Configure, maintain, and administer security products and solutions used within the firm.
- Configure, maintain, and administer firewalls, web proxy devices, data loss prevention systems, and security information event monitoring systems.
- As a member of the Incident Response Team, respond to alerts, warnings, incidents, and help desk tickets to minimize firm asset exposure under the direction of the IS Security Manager.
- Participate in troubleshooting efforts for all IT security-related problems, including managing and using TAM arrangements with specified security vendors.
- Serve as a technician/engineer on IS projects.
- Conduct risk and security reviews on products as directed by the IT Security Manager or IS management.
- Configure access control systems, assigning rights to appropriate resources for users, IS personnel, and vendors.
- Recommend controls to ensure appropriate protection levels and adherence to the overall information security strategy.
- Monitor IS security metrics, including security system logs, Windows server logs, and network monitoring systems.
- Administer systems and processes to monitor and reconcile system patch status and discovered vulnerabilities, managing metrics that provide patch and vulnerability status. Work with responsible groups inside and outside of IT to remediate.
- Provide consultation and conduct internal investigations that may require forensic analysis under the direction of the IT Security Manager and/or IS management.
- Respond to audit findings as directed by the IT Security Manager and/or IT Management.
- Evaluate and recommend commercial security vendors and products.
- Perform other duties as assigned or required.
Qualifications and Experience
- Bachelor's degree in Cybersecurity Engineering or Computer Sciences
- Strong professional experience in information security with a focus on security operations and technical support
- Strong Experience in Microsoft office Suite, iManage or others company technologies
- Experience with VPN, SSL and other encryption technologies
- Good knowledge of server, workstation, and Active Directory technologies that impact security controls
- Deep understanding of TCP/IP, DNS and common network services
- Experience with security frameworks and compliance requirements such as GDPR, ISO 27001, NIST 800 and PCI DSS.
If you believe you have the right skills, attitude and experience please click 'apply now' below and upload your resume. Alternatively, for a confidential chat, please contact Kevin Ng by applying directly to email or reach out at
We apologies that only shortlisted candidates will be contacted.
Information Security Engineer – Associate
Posted today
Job Viewed
Job Description
Company Introduction:
*We're home to Asia's most dynamic and vibrant capital markets.
Connecting capital, ideas, inspiration and innovation for deeper, more diverse and liquid global capital markets; providing greater choice and opportunity for our customers, each and every day.
HKEX is a purpose-driven company. Our commitment to the long-term development of our business and our markets is articulated in our purpose: "To Connect, Promote and Progress our Markets and the Communities they support for the prosperity of all."
Job Summary: *
The Information Security Engineer is part of the Information Security function, playing a key role in enhancing the organization security posture. The incumbent is responsible for designing, building, operating, and evolving enterprise IT security solutions to meet the organization's security requirements, while engaging key stakeholders to deliver key security services.
Job Duties:
Job Responsibilities:
- Engineer, implement and monitor security measures for the protection of computer systems, networks and information.
- Configure and troubleshoot security infrastructure to ensure optimal performance and alignment with security policies.
- Maintain all solution design documentation, processes, procedures and report on metrics to demonstrate effective and efficient management of services.
- Support security tool enhancements and policy governance, including tasks such as reviewing and updating application control policies, managing user access profiles, and performing regular recertification of access rights. Tools involved may include application whitelisting platforms and Endpoint Detection & Response (EDR) solutions.
- Deliver and maintain core security services, such as integrating systems with Identity and Access Management (IAM) platforms (e.g., Privileged Identity Management and Identity Governance & Administration), maintaining system account inventories, and coordinating periodic access reviews and recertification campaigns.
- Ensure security tools are properly configured and maintained to support the detection of and response to cyber security threats (e.g., tuning alert rules, updating threat signatures, and integrating tools with incident response workflows).
- Conduct and document disaster recovery testing for security tools.
- Ensure smooth daily operations of account management processes, including reviewing system account requests for accuracy, identifying and resolving automation issues, and driving process improvements through automation and workflow optimization.
- Manage relationship with product vendors and suppliers to ensure timely maintenance, updates, and enhancements of security tools and solutions.
Job Requirements:
- Must have a relevant University degree in Computer Science, Information Management, or related field, or equivalent experience.
- Proven work experience as a System Security Engineer or Information Security Engineer.
- Experience in building, maintaining and operating security systems and platforms.
- Hands on experience in EndPoint security (e.g., app control, EDR) and IAM (e.g., PIM, IGA) tools and related workflows.
- Understanding of the latest security principles, techniques, and protocols (such as zero trust, etc).
- Ability to work collaboratively in cross-functional teams and communicate effectively with technical and non-technical stakeholders.
- Good presentation, project planning and documentation skills.
- Problem solving skills and ability to work under pressure.
- Familiarity with web technologies (e.g., web applications, web Services, service-oriented architectures) and network/web protocols.
- Knowledge with application, database and operating system and cloud security (AWS or Huawei Cloud Stack) is an asset.
- Experience with scripting (e.g., Python) or automation tools (e.g., Ansible) is preferred.
- Understanding of risk / control frameworks, such as Mitre ATT&CK, D3FEND, OWASP or NIST Cybersecurity Framework will be added advantage.
- Professional certifications such as CISSP, CISM, CEH, GIAC (e.g., GSEC, GCIA, GPEN), or AWS Certified Security will be added advantage .
HKEX is committed as an Equal Opportunity Employer. Diversity is one of our core values and we look to support, respect diverse perspectives, abilities, culture and experiences within our workplace.
Location:
HKEX - TKO
Shift:
Standard - 40 Hours (Hong Kong SAR)
Scheduled Weekly Hours:
40
Worker Type:
Permanent
APAC Information Security Engineer
Posted today
Job Viewed
Job Description
About the company:
Our client is a leading global professional firm operating in over thirty countries. The Lead Information Security Engineer role's is to safeguard the organization's IT systems and data. This role requires the candidate's active participation in the implementation of security policies and procedures, the monitoring and analysis of security events and the maintenance of security tools. Other responsibilities are to identify, investigate and resolve any security threats, vulnerabilities and incidents. The candidate must keep up to date with the latest security trends, have excellent communication and problem-solving skills and have a deep understanding of security principles and technologies. The individual will have a functional role in mentoring other team members and share the off-hour support responsibilities.
Responsibilities:
- Review, analyze, and monitor security system reports and logs for suspicious activities, trends, and patterns. This includes web filters, mail gateways, firewalls, encryption systems, anti-malware systems, and IDS/IPS.
- Configure, maintain, and administer security products and solutions used within the firm.
- Configure, maintain, and administer firewalls, web proxy devices, data loss prevention systems, and security information event monitoring systems.
- As a member of the Incident Response Team, respond to alerts, warnings, incidents, and help desk tickets to minimize firm asset exposure under the direction of the IS Security Manager.
- Participate in troubleshooting efforts for all IT security-related problems, including managing and using TAM arrangements with specified security vendors.
- Serve as a technician/engineer on IS projects.
- Conduct risk and security reviews on products as directed by the IT Security Manager or IS management.
- Configure access control systems, assigning rights to appropriate resources for users, IS personnel, and vendors.
- Recommend controls to ensure appropriate protection levels and adherence to the overall information security strategy.
- Monitor IS security metrics, including security system logs, Windows server logs, and network monitoring systems.
- Administer systems and processes to monitor and reconcile system patch status and discovered vulnerabilities, managing metrics that provide patch and vulnerability status. Work with responsible groups inside and outside of IT to remediate.
- Provide consultation and conduct internal investigations that may require forensic analysis under the direction of the IT Security Manager and/or IS management.
- Respond to audit findings as directed by the IT Security Manager and/or IT Management.
- Evaluate and recommend commercial security vendors and products.
- Perform other duties as assigned or required.
Qualifications and Experience
- Bachelor's degree in Cybersecurity Engineering or Computer Sciences
- Strong professional experience in information security with a focus on security operations and technical support
- Experience in Microsoft office Suite, iManage or others company technologies
- Expereince in Palo Alto Network's Firewalls and Prisma Access
- Hand on experience with VPN, SSL and other encryption technologies
- Good knowledge of server, workstation, and Active Directory technologies that impact security controls
- Deep understanding of TCP/IP, DNS and common network services
- Experience with security frameworks and compliance requirements such as GDPR, ISO 27001, NIST 800 and PCI DSS.
If you believe you have the right skills, attitude and experience please click 'apply now' below and upload your resume. Alternatively, for a confidential chat, please contact Kevin Ng by applying directly to email or reach out at
We apologies that only shortlisted candidates will be contacted.