58 Security Lead jobs in Hong Kong

2 days ago Be among the first 25 applicants

We are seeking a highly capable and experienced professional with approximately 10 years of experience in cybersecurity governance, and IT audit and security assessment support. This role focuses on leading security assessments in collaboration with technical teams, reviewing and translating technical findings into clear and impactful reports for clients, regulators, and senior management. The ideal candidate will possess strong analytical skills, excellent communication abilities, and a solid understanding of security controls across various technology domains.

Your Role

• Lead and coordinate security assessments across infrastructure, applications, and cloud environments, working closely with technical SMEs.
• Interface with technical teams to understand control implementation and translate findings into governance insights.
• Prepare high-quality security reports and presentations tailored for client and senior stakeholders.
• Support responses to client and regulatory security inquiries, ensuring accuracy, clarity, and timely delivery.
• Support the development of security reporting and risk metrics
• Contribute to the development and refinement of security policies, standards, and procedures.
• Support audit and assessment activities, including evidence collection and coordination with internal teams.
• Promote security awareness and contribute to training initiatives across the organization.

To Succeed in this Role

• Minimum 10 years of experience in cybersecurity governance, technology risk, or audit-related roles.
• Strong understanding of security controls across infrastructure, application, and cloud domains.
• Proven ability to work with technical teams and translate technical content into business-friendly reporting.
• Experience in preparing client-facing documentation and presentations.
• Excellent written and verbal communication skills in English.
• Familiarity with regulatory frameworks and standards (e.g., ISO 27001, NIST, CIS).
• Relevant certifications such as CISM, CRISC, ISO 27001 Lead Implementer, or equivalent are preferred.

Preferred Attributes

• Experience in regulated industries such as finance, healthcare, or insurance.
• Strong stakeholder engagement and coordination skills.
• Detail-oriented with a proactive and structured approach to governance.
• Familiarity with GRC

• Seniority level Mid-Senior level

• Employment type Full-time

• Job function Information Technology
• Industries Software Development, Information Services, and Technology, Information and Media

Referrals increase your chances of interviewing at PCCW by 2x

Get notified about new Information Security Specialist jobs in Hong Kong, Hong Kong SAR .

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

3 days ago Be among the first 25 applicants

Get AI-powered advice on this job and more exclusive features.

About The Company

Zeal Group is an award-winning FinTech organization offering a variety of products. Founded in 2017, we have grown to a team of 700+ employees across the globe. Headquartered in London, UK, our offices and presence are spread across Europe, Asia, North & South Africa, Middle East and South America, with our Technology hub located in Cyprus. We are a product and people focused company who are passionate about growth, innovative technology, and collaboration.

• Daily management of the security analysis team
• Internal security project management and follow-up
• Participation in security incident investigations
• Contribution to the management of cybersecurity tool development directions and security tool roadmaps, including researching technologies, conducting proof-of-concept tests, and performing testing
• Execution of continuous risk analysis and reduction of risks in cloud infrastructure
• Compilation and submission of reports on audit results, highlighting risks, security vulnerabilities, and non-compliance with internal policies and external regulations
• Hardening and security enhancements in cloud infrastructure (GCP and K8s)
• Research and development of new cybersecurity monitoring tools
• Assessment of security postures in cloud and on-premises deployments, with recommendations and implementation of countermeasures
• Collaboration with application architects to resolve cybersecurity issues and provide possible solutions
• Implementation of automated cybersecurity measures (rolling keys, security audit log analysis, etc.)
• External vendor evaluation and comparison
  
  
  

• Daily management of the security analysis team
• Internal security project management and follow-up
• Participation in security incident investigations
• Contribution to the management of cybersecurity tool development directions and security tool roadmaps, including researching technologies, conducting proof-of-concept tests, and performing testing
• Execution of continuous risk analysis and reduction of risks in cloud infrastructure
• Compilation and submission of reports on audit results, highlighting risks, security vulnerabilities, and non-compliance with internal policies and external regulations
• Hardening and security enhancements in cloud infrastructure (GCP and K8s)
• Research and development of new cybersecurity monitoring tools
• Assessment of security postures in cloud and on-premises deployments, with recommendations and implementation of countermeasures
• Internal documentation development (standards, manuals, specifications, etc.)
• Collaboration with application architects to resolve cybersecurity issues and provide possible solutions
• Implementation of automated cybersecurity measures (rolling keys, security audit log analysis, etc.)
• External vendor evaluation and comparison
  
  
  

• Bachelor degree or above, more than 3 years of experience in managing security teams
• Solid knowledge of cybersecurity
• Experience with GCP Cloud
• In-depth understanding of Kubernetes and Helm, as well as practical experience in using them
• Expertise in Terraform, GitLab CI, and Qualys
• Knowledge of modern techniques for exploiting application vulnerabilities
• Experience with Linux
• Skills: Rich knowledge of CI/CD
• Experience in security audits
• Familiarity with static and dynamic security scanning tools
• Ability to work under pressure and handle multiple tasks simultaneously
• Team-oriented, energetic, and eager to progress in a fast-changing, demanding, and progressive environment
• Fluent in spoken English
• Passionate about solving challenging problems and fast iteration

• Seniority level Mid-Senior level

• Employment type Full-time

• Industries Non-profit Organizations and Primary and Secondary Education

Referrals increase your chances of interviewing at Zeal Group by 2x

Get notified about new Cyber Security Specialist jobs in Hong Kong, Hong Kong SAR .

Sha Tin District, Hong Kong SAR 4 days ago

Sha Tin District, Hong Kong SAR 5 days ago

Sha Tin District, Hong Kong SAR 1 week ago

Sha Tin District, Hong Kong SAR 1 week ago

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

3 days ago Be among the first 25 applicants

Get AI-powered advice on this job and more exclusive features.

About The Company
Zeal Group is an award-winning FinTech organization offering a variety of products. Founded in 2017, we have grown to a team of 700+ employees across the globe. Headquartered in London, UK, our offices and presence are spread across Europe, Asia, North & South Africa, Middle East and South America, with our Technology hub located in Cyprus. We are a product and people focused company who are passionate about growth, innovative technology, and collaboration.

• Daily management of the security analysis team
• Internal security project management and follow-up
• Participation in security incident investigations
• Contribution to the management of cybersecurity tool development directions and security tool roadmaps, including researching technologies, conducting proof-of-concept tests, and performing testing
• Execution of continuous risk analysis and reduction of risks in cloud infrastructure
• Compilation and submission of reports on audit results, highlighting risks, security vulnerabilities, and non-compliance with internal policies and external regulations
• Hardening and security enhancements in cloud infrastructure (GCP and K8s)
• Research and development of new cybersecurity monitoring tools
• Assessment of security postures in cloud and on-premises deployments, with recommendations and implementation of countermeasures
• Collaboration with application architects to resolve cybersecurity issues and provide possible solutions
• Implementation of automated cybersecurity measures (rolling keys, security audit log analysis, etc.)
• External vendor evaluation and comparison
  

• Daily management of the security analysis team
• Internal security project management and follow-up
• Participation in security incident investigations
• Contribution to the management of cybersecurity tool development directions and security tool roadmaps, including researching technologies, conducting proof-of-concept tests, and performing testing
• Execution of continuous risk analysis and reduction of risks in cloud infrastructure
• Compilation and submission of reports on audit results, highlighting risks, security vulnerabilities, and non-compliance with internal policies and external regulations
• Hardening and security enhancements in cloud infrastructure (GCP and K8s)
• Research and development of new cybersecurity monitoring tools
• Assessment of security postures in cloud and on-premises deployments, with recommendations and implementation of countermeasures
• Internal documentation development (standards, manuals, specifications, etc.)
• Collaboration with application architects to resolve cybersecurity issues and provide possible solutions
• Implementation of automated cybersecurity measures (rolling keys, security audit log analysis, etc.)
• External vendor evaluation and comparison
  

• Bachelor degree or above, more than 3 years of experience in managing security teams
• Solid knowledge of cybersecurity
• Experience with GCP Cloud
• In-depth understanding of Kubernetes and Helm, as well as practical experience in using them
• Expertise in Terraform, GitLab CI, and Qualys
• Knowledge of modern techniques for exploiting application vulnerabilities
• Experience with Linux
• Skills: Rich knowledge of CI/CD
• Experience in security audits
• Familiarity with static and dynamic security scanning tools
• Ability to work under pressure and handle multiple tasks simultaneously
• Team-oriented, energetic, and eager to progress in a fast-changing, demanding, and progressive environment
• Fluent in spoken English
• Passionate about solving challenging problems and fast iteration

• Seniority level Mid-Senior level

• Employment type Full-time

• Industries Non-profit Organizations and Primary and Secondary Education

Referrals increase your chances of interviewing at Zeal Group by 2x

Get notified about new Cyber Security Specialist jobs in Hong Kong, Hong Kong SAR .

Sha Tin District, Hong Kong SAR 4 days ago

Sha Tin District, Hong Kong SAR 5 days ago

Sha Tin District, Hong Kong SAR 1 week ago

Sha Tin District, Hong Kong SAR 1 week ago

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

Join to apply for the Lead, Information Security Assurance role at AXA Hong Kong and Macau

2 days ago Be among the first 25 applicants

Join to apply for the Lead, Information Security Assurance role at AXA Hong Kong and Macau

• Provide professional security advisory and recommendations on solutions architecture, business project requirements, and security related enquiry.
• Develop and maintain security policies and process documentation. Ensure alignment with Corporate Security standards and controls.
• Conduct security risk assessment on technology solutions and/or technical controls to identify potential security threats and vulnerabilities and develop strategies to mitigate risks. Maintain security risk register, and communicate identified risks and impacts to stakeholders.
• Conduct security assessment and ISO audit and managing the exercise from end-to-end.
• Support external security audits and compliance assessments, devising mitigation measures to effectively address findings.
• Oversee security incident management and support the first line to ensure timely detection, response, and resolution of security incidents.
• Periodically review and update security policies and operational processes for security control enhancement.
• Prepare management reports for the Chief Security Officer and the Management team.
  
  

• Provide professional security advisory and recommendations on solutions architecture, business project requirements, and security related enquiry.
• Develop and maintain security policies and process documentation. Ensure alignment with Corporate Security standards and controls.
• Conduct security risk assessment on technology solutions and/or technical controls to identify potential security threats and vulnerabilities and develop strategies to mitigate risks. Maintain security risk register, and communicate identified risks and impacts to stakeholders.
• Conduct security assessment and ISO audit and managing the exercise from end-to-end.
• Support external security audits and compliance assessments, devising mitigation measures to effectively address findings.
• Oversee security incident management and support the first line to ensure timely detection, response, and resolution of security incidents.
• Periodically review and update security policies and operational processes for security control enhancement.
• Prepare management reports for the Chief Security Officer and the Management team.
  
  

• 5+ years of experience in information security, security risk, or a related area.
• Degree in Information Security, Computer Science, Information Management Systems, or a related field.
• Demonstrated track record in leading and implementing successful information security initiatives and programs.
• Ability to apply analytical rigor to understand complex business scenarios, with strong problem-solving skills and the ability to work independently.
• Excellent presentation and communication skills, with the ability to convey complex security concepts in clear, business-intelligible language.
• Experience working in a multinational organization is advantageous.
• Fluent in English (verbal and written).
• Relevant certifications (e.g., CISSP, CISA, OSCP, CEH, ISO 27001, NIST, or equivalent) are a plus.
  
  

• Seniority level Not Applicable

• Employment type Full-time

• Job function Information Technology
• Industries Insurance

Referrals increase your chances of interviewing at AXA Hong Kong and Macau by 2x

Get notified about new Information Security Specialist jobs in Hong Kong, Hong Kong SAR .

Sha Tin District, Hong Kong SAR 1 day ago

Sha Tin District, Hong Kong SAR 2 weeks ago

Sha Tin District, Hong Kong SAR 1 day ago

Sha Tin District, Hong Kong SAR 2 days ago

Shenzhen, Guangdong, China CN¥45,000.00-CN¥65,000.00 2 years ago

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

Join to apply for the Lead, Information Security Assurance role at AXA Hong Kong and Macau

2 days ago Be among the first 25 applicants

Join to apply for the Lead, Information Security Assurance role at AXA Hong Kong and Macau

• Provide professional security advisory and recommendations on solutions architecture, business project requirements, and security related enquiry.
• Develop and maintain security policies and process documentation. Ensure alignment with Corporate Security standards and controls.
• Conduct security risk assessment on technology solutions and/or technical controls to identify potential security threats and vulnerabilities and develop strategies to mitigate risks. Maintain security risk register, and communicate identified risks and impacts to stakeholders.
• Conduct security assessment and ISO audit and managing the exercise from end-to-end.
• Support external security audits and compliance assessments, devising mitigation measures to effectively address findings.
• Oversee security incident management and support the first line to ensure timely detection, response, and resolution of security incidents.
• Periodically review and update security policies and operational processes for security control enhancement.
• Prepare management reports for the Chief Security Officer and the Management team.
  

• Provide professional security advisory and recommendations on solutions architecture, business project requirements, and security related enquiry.
• Develop and maintain security policies and process documentation. Ensure alignment with Corporate Security standards and controls.
• Conduct security risk assessment on technology solutions and/or technical controls to identify potential security threats and vulnerabilities and develop strategies to mitigate risks. Maintain security risk register, and communicate identified risks and impacts to stakeholders.
• Conduct security assessment and ISO audit and managing the exercise from end-to-end.
• Support external security audits and compliance assessments, devising mitigation measures to effectively address findings.
• Oversee security incident management and support the first line to ensure timely detection, response, and resolution of security incidents.
• Periodically review and update security policies and operational processes for security control enhancement.
• Prepare management reports for the Chief Security Officer and the Management team.
  

• 5+ years of experience in information security, security risk, or a related area.
• Degree in Information Security, Computer Science, Information Management Systems, or a related field.
• Demonstrated track record in leading and implementing successful information security initiatives and programs.
• Ability to apply analytical rigor to understand complex business scenarios, with strong problem-solving skills and the ability to work independently.
• Excellent presentation and communication skills, with the ability to convey complex security concepts in clear, business-intelligible language.
• Experience working in a multinational organization is advantageous.
• Fluent in English (verbal and written).
• Relevant certifications (e.g., CISSP, CISA, OSCP, CEH, ISO 27001, NIST, or equivalent) are a plus.
  

• Seniority level Not Applicable

• Employment type Full-time

• Job function Information Technology
• Industries Insurance

Referrals increase your chances of interviewing at AXA Hong Kong and Macau by 2x

Get notified about new Information Security Specialist jobs in Hong Kong, Hong Kong SAR .

Sha Tin District, Hong Kong SAR 1 day ago

Sha Tin District, Hong Kong SAR 2 weeks ago

Sha Tin District, Hong Kong SAR 1 day ago

Sha Tin District, Hong Kong SAR 2 days ago

Shenzhen, Guangdong, China CN¥45,000.00-CN¥65,000.00 2 years ago

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

Join to apply for the Network & Security Lead Engineer/Team Lead & Network Engineer (2 roles, MNC SI & WFH) role at JustOneGalaxy Recruitment .

We are hiring for two roles: a Lead Engineer/Team Lead and a Network Engineer, both requiring experience in system integration and security. These positions are with a multinational system integrator offering remote work options.

• Lead a team of approximately 5 network engineers on project implementation.
• Provide technical guidance and support to team members.
• Coordinate with external vendors for training and team development aligned with company technology focus.
• Monitor project progress and technical health.
• Customize processes to meet project needs.
• Develop and review project technical plans.
• Manage technical resource allocation throughout project timelines.
• Implement security products such as Firewall, IDS/IPS, MFA, EDR, SIEM, SASE, etc., with extensive experience considered an advantage.
• Expertise in dynamic routing protocols (BGP, OSPF, EIGRP), advanced network features (Vxlan, ACI, QoS, HA, WAN optimization), and Cisco routing and SDN.
• Document project requirements and support tender processes with security presales teams.
• Oversee submission of technical documents and ensure quality standards.
• Work under pressure and adapt to project needs.

• Degree in Computing or Engineering.
• Experience in solution architecture and system integration.
• Management experience with security engineers.
• Strong communication, analytical, and problem-solving skills.
• Minimum 5 years in network system integration or distribution environment.
• Knowledge of networking basics (TCP/IP, switching, routing), Windows/Linux servers, and VMs.
• Scripting skills (Ansible, Python, YAML) are a plus.
• Knowledge of IT/cyber security policies and compliance standards (PCI, MAS TRM, IM8) is advantageous.

• Support and manage network security technologies, including Firewalls, VPN, SASE, SSE, EDR, cloud platforms.
• Design and oversee complex network security projects.
• Develop security solutions and troubleshoot incidents.
• Provide documentation and training; support emergency responses as needed.

• Diploma or higher in telecommunications, IT, or related fields.
• Proficiency with Cisco, Fortinet, Checkpoint, Palo Alto, and other security solutions.
• At least 3 years’ relevant experience in network security and cybersecurity.
• Certifications in network security products are preferred.
• Strong problem-solving and communication skills in Cantonese, English, and Mandarin.

• Seniority Level: Mid-Senior level
• Employment Type: Full-time
• Job Function: Information Technology
• Industry: Human Resources Services

This job posting appears to be active; no indication of expiration is present.

Join to apply for the Network & Security Lead Engineer/Team Lead & Network Engineer (2 roles, MNC SI & WFH) role at JustOneGalaxy Recruitment .

We are hiring for two roles: a Lead Engineer/Team Lead and a Network Engineer, both requiring experience in system integration and security. These positions are with a multinational system integrator offering remote work options.

• Lead a team of approximately 5 network engineers on project implementation.
• Provide technical guidance and support to team members.
• Coordinate with external vendors for training and team development aligned with company technology focus.
• Monitor project progress and technical health.
• Customize processes to meet project needs.
• Develop and review project technical plans.
• Manage technical resource allocation throughout project timelines.
• Implement security products such as Firewall, IDS/IPS, MFA, EDR, SIEM, SASE, etc., with extensive experience considered an advantage.
• Expertise in dynamic routing protocols (BGP, OSPF, EIGRP), advanced network features (Vxlan, ACI, QoS, HA, WAN optimization), and Cisco routing and SDN.
• Document project requirements and support tender processes with security presales teams.
• Oversee submission of technical documents and ensure quality standards.
• Work under pressure and adapt to project needs.

• Degree in Computing or Engineering.
• Experience in solution architecture and system integration.
• Management experience with security engineers.
• Strong communication, analytical, and problem-solving skills.
• Minimum 5 years in network system integration or distribution environment.
• Knowledge of networking basics (TCP/IP, switching, routing), Windows/Linux servers, and VMs.
• Scripting skills (Ansible, Python, YAML) are a plus.
• Knowledge of IT/cyber security policies and compliance standards (PCI, MAS TRM, IM8) is advantageous.

• Support and manage network security technologies, including Firewalls, VPN, SASE, SSE, EDR, cloud platforms.
• Design and oversee complex network security projects.
• Develop security solutions and troubleshoot incidents.
• Provide documentation and training; support emergency responses as needed.

• Diploma or higher in telecommunications, IT, or related fields.
• Proficiency with Cisco, Fortinet, Checkpoint, Palo Alto, and other security solutions.
• At least 3 years’ relevant experience in network security and cybersecurity.
• Certifications in network security products are preferred.
• Strong problem-solving and communication skills in Cantonese, English, and Mandarin.

• Seniority Level: Mid-Senior level
• Employment Type: Full-time
• Job Function: Information Technology
• Industry: Human Resources Services

This job posting appears to be active; no indication of expiration is present.

2 days ago Be among the first 25 applicants

Direct message the job poster from JustOneGalaxy Recruitment

• Lead a team of around 5 Network engineers on project implementation
• Must have strong hands-on experience in implementation
• Provide technical advisory to team members
• Liaise with external vendors for training and team development aligned with the company’s technology focus
• Monitor overall project technical progress and health
• Tailor processes to meet specific project needs
• Manage proper assignment of technical resources during different project timelines
• Experience in security products implementation (e.g., Security Configuration Management, Network Access Control, Firewall, IDS/IPS, MFA, EDR, VM, PAM, DNS security, SIEM, SASE) is advantageous
• Expertise in dynamic routing protocols and advanced network features such as BGP, OSPF, EIGRP, VXLAN, ACI, QoS, High Availability (HA), WAN optimization
• In-depth product knowledge of Cisco Routers, Intent-Based Networking, and SDN
• Collaborate with security presales team for tender bidding, including service sizing and scope of work
• Oversee submission of all technical documentation
• Ability to work under pressure

• Degree in Computing or Engineering
• Well-versed in solution architecture design
• Understanding of system integration and quality processes
• Experience managing a team of security engineers
• Resource management skills
• Good communication and interpersonal skills
• At least 5 years’ experience in network system integration or distribution environment
• Working knowledge of MS Visio
• Basic networking knowledge (TCP/IP, switching, routing)
• Experience setting up Windows/Linux servers and VMs
• Knowledge of coding/scripting (e.g., Ansible, Python, YAML) is a plus
• Familiarity with IT/cybersecurity policies (preferred)
• Basic knowledge of PCI/MAS TRM/IM8 compliance (preferred)

• Mid-Senior level

• Full-time

• Information Technology

• Human Resources Services

Referrals increase your chances of interviewing at JustOneGalaxy Recruitment by 2x

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

2 days ago Be among the first 25 applicants

Direct message the job poster from JustOneGalaxy Recruitment

• Lead a team of around 5 Network engineers on project implementation
• Must have strong hands-on experience in implementation
• Provide technical advisory to team members
• Liaise with external vendors for training and team development aligned with the company’s technology focus
• Monitor overall project technical progress and health
• Tailor processes to meet specific project needs
• Manage proper assignment of technical resources during different project timelines
• Experience in security products implementation (e.g., Security Configuration Management, Network Access Control, Firewall, IDS/IPS, MFA, EDR, VM, PAM, DNS security, SIEM, SASE) is advantageous
• Expertise in dynamic routing protocols and advanced network features such as BGP, OSPF, EIGRP, VXLAN, ACI, QoS, High Availability (HA), WAN optimization
• In-depth product knowledge of Cisco Routers, Intent-Based Networking, and SDN
• Collaborate with security presales team for tender bidding, including service sizing and scope of work
• Oversee submission of all technical documentation
• Ability to work under pressure

• Degree in Computing or Engineering
• Well-versed in solution architecture design
• Understanding of system integration and quality processes
• Experience managing a team of security engineers
• Resource management skills
• Good communication and interpersonal skills
• At least 5 years’ experience in network system integration or distribution environment
• Working knowledge of MS Visio
• Basic networking knowledge (TCP/IP, switching, routing)
• Experience setting up Windows/Linux servers and VMs
• Knowledge of coding/scripting (e.g., Ansible, Python, YAML) is a plus
• Familiarity with IT/cybersecurity policies (preferred)
• Basic knowledge of PCI/MAS TRM/IM8 compliance (preferred)

• Mid-Senior level

• Full-time

• Information Technology

• Human Resources Services

Referrals increase your chances of interviewing at JustOneGalaxy Recruitment by 2x

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.