36 Security Operations jobs in Hong Kong

Join to apply for the Threat Intelligence Lead role at Canonical

3 months ago Be among the first 25 applicants

Join to apply for the Threat Intelligence Lead role at Canonical

Get AI-powered advice on this job and more exclusive features.

The Threat Intelligence Lead will own Canonical's threat intelligence strategy and execution, including understanding of which cyber threat actors are targeting Canonical, and the use of intelligence on Tactics, Techniques and Procedures (TTP) to better our products and internal cybersecurity controls. You will collaborate with internal stakeholders as well as with the wider cybersecurity community, making sure that Canonical is recognised as a thought leader on open source threat intelligence.
This role will report to the CISO.
You will lead intelligence gathering and development activities on threat actors targeting software supply chains. You'll study attack trends across the wider open source software landscape, report findings to internal security teams, and advise the wider engineering community on the best course of action to detect and mitigate possible threats.
As the publisher of Ubuntu, Canonical products are directly or indirectly present in almost every organisation and household in the world, making them a prime target for threat actors. This team's mission is to help Canonical, and by extension countless community members and companies around the world, secure their software infrastructure.
What you'll do in this role

• Build and own Canonical's threat intelligence strategy
• Build and maintain OSINT research environments
• Develop OSINT tradecraft, principals, and techniques
• Identify and track targeted intrusion cyber threats, trends, and new developments by cyber threat actors through analysis of proprietary and open source datasets
• Collaborate across teams to inform on activity of interest
• Coordinate adversary/campaign tracking
• Contribute to the wider threat intelligence community, establishing Canonical as a key contributor and thought leader in the space
• Work with product and engineering teams to explain cybersecurity threats and advise on mitigation strategies
• Work with the OPSEC and IS team to help implement/update security controls prioritising cyber defence
• Identify intelligence gaps and propose new tools and research projects to fill them
• Conduct briefings for executives, internal stakeholders and external customers
  

• An experienced threat intelligence leader (or similar)
• Knowledgeable about the current open source threat landscape and computer networking/infrastructure concepts
• Highly competent with OSINT tools (e.g., Buscador, Trace Labs OSINT VM, OSINT Framework, Maltego, Shodan, social media scraping tools, etc.)
• Able to identify, organise, catalogue, and track adversary tradecraft trends — often with incomplete data
• Experienced using threat intelligence data to influence enterprise architecture or product development decisions
• An excellent communicator with the ability to clearly articulate and tailor technical content to a variety of audiences
• Able to travel twice a year, for company events up to two weeks long
  

• A professional portfolio of OSINT related scripts, tools, or frameworks
• Demonstrated involvement in the larger OSINT community (please share relevant links)
• Degree qualified, with a bachelor's degree in computer science, information security, or a related field
• Certifications in related areas (e.g. GOSI, SANS SEC487 & SEC587, IntelTechniques OSIP, etc)
• Experience in a tech company or government/military signal intelligence departments
  

• Distributed work environment with twice-yearly team sprints in person
• Personal learning and development budget of USD 2,000 per year
• Annual compensation review
• Recognition rewards
• Annual holiday leave
• Maternity and paternity leave
• Employee Assistance Programme
• Opportunity to travel to new locations to meet colleagues
• Priority Pass, and travel upgrades for long haul company events
  

• Seniority level Mid-Senior level

• Employment type Full-time

• Job function Information Technology
• Industries Software Development

Referrals increase your chances of interviewing at Canonical by 2x

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

Join to apply for the Cyber Security Operations Specialist role at Mox Bank

3 days ago Be among the first 25 applicants

Join to apply for the Cyber Security Operations Specialist role at Mox Bank

About Mox

Mox is built by and for the ones who aspire to live life to the fullest – we call them Generation Mox! The name Mox reflects the endless opportunities we can create, - Mobile eXperience; Money eXperience; Money X (multiplier), eXponential growth, eXploration… it’s all up for us to define together.

Application Deadline: 29 September 2025

Department: Technology-CDSIO

Location: Hong Kong (SAR)

• Design, implement, and maintain a range of cyber security solutions and technologies including configuration, troubleshooting, and optimisation, to ensure effective threat detection and response.
• Collaborate with internal stakeholders to ensure security solutions align with business objectives and security strategies.
• Stay current with the latest attacks, vulnerabilities, and industry best practices to enhance overall Security Operation procedures and processes.
• Analyse and prioritise security alerts from various sources, determining the severity and potential impact on the organization.
• Perform cyber security incident response, management, and investigations to mitigate risks and recover from security incidents.
• Conduct proactive threat hunting activities to identify and address potential security issues before they escalate.
• Create and maintain incident response playbooks and procedures to standardize responses to various types of security incidents.
• Drive technical management of digital forensic investigations and e-Discovery exercises to support incident response and legal requirements.
• Accountable for undertaking complex research and analysis of threat actors to understand their tactics, techniques, and procedures (TTPs).
• Manage the collection of relevant and actionable Threat Intelligence (TI) and enhance TI platforms to support decision-making.
• Strong focus on defensive and offensive research to strengthen security posture.
• Deliver and present intelligence to various stakeholders on Strategic, Tactical, Operational and Technical levels.
• Leverage Threat Intelligence (TI) to inform alert prioritisation and incident response decisions, adapting strategies based on emerging threats.
• Report writing and security awareness, especially relating to vulnerabilities, threat landscape, and intelligence.
• Conduct regular incident response simulations and tabletop exercises to assess readiness and improve response capabilities.
  
  

• Strong hands-on and technical experience across various core cyber security solutions and technologies: SIEM, EDR, VM, Secure Internet Proxies, Open-Source Technologies, OSINT
• The ability to see opportunities to improve, break them into logical pieces of work, and follow them through to execute at a technical level.
• Proven experience in responding to security incidents.
• Demonstrated capability in proactive threat hunting, utilising tools and techniques to uncover hidden threats within the environment.
• Strong understanding of network security principles and protocols
• Ability to analyse logs and events from operating systems and applications to identify suspicious activities and potential security incidents.
• Understanding of containerisation and their security implications.
• Understanding of various operating systems.
• Proficiency in at least one or more coding languages (Python, Java, etc.) would be ideal.
• A positive attitude and an eagerness to expand current cloud security knowledge.
• Commitment to ongoing professional development and staying updated on emerging threats, technologies, and industry trends.
• Strong team player to collaborate with a diverse team.
• A critical thinker, with strong problem-solving & analytical skills with an ability to enhance or automate processes including the threat intel platforms, sources, and tooling.
• 
  
  
  All personal data provided by applicants will be used for recruitment and other employment-related purposes only. Personal data of unsuccessful applicants will be erased within 24 months of rejection of the applicant’s application.

• Seniority level Mid-Senior level

• Employment type Full-time

• Job function Other, Information Technology, and Management
• Industries Banking

Referrals increase your chances of interviewing at Mox Bank by 2x

Get notified about new Security Operations Specialist jobs in Hong Kong, Hong Kong SAR .

Kwai Tsing District, Hong Kong SAR 2 weeks ago

Hong Kong SAR HK$17,925.00-HK$29,523.00 2 months ago

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

Join to apply for the Senior Security Operations Engineer role at Canonical

3 months ago Be among the first 25 applicants

Join to apply for the Senior Security Operations Engineer role at Canonical

Get AI-powered advice on this job and more exclusive features.

We have opened several senior/staff Security Operations Engineer (SOC) positions, creating a new team reporting to the CISO. We are looking for a range of experience in these positions - at the high end we are looking for deep experience defending highly contested critical assets and high-value cyber targets against advanced persistent threats and state-level actors. We have more junior roles for exceptional individuals with a proven personal interest an engagement in cyber attack and defence, and outstanding academic and career performance even if experience is limited.

Our goal is to build an entirely new level of assurance and observable rigour into the open source supply chain. We have our own estate to monitor, but more broadly our goal is to raise the robustness of the entire global Ubuntu estate through the work of this team.

The Security Operations (SecOps) team is responsible for design, implementation and evolution of Canonical security practices, techniques, tools, systems and policies. The team is the primary owner of strategy and practices that determine how Canonical secures its data, internal infrastructure and build processes. They are responsible for assuring the security and integrity of our own infrastructure and product deployments. They design and implement technical security controls that ensure security threats are automatically identified, contained and remediated. The team will also contribute ideas and requirements for Canonical product security, improving the resilience and robustness of all Ubuntu customers and users subject to cyber attack.

The SecOps team's mission is not only to secure Canonical, but also to contribute to the security of the wider open source ecosystem. They might share knowledge through public presentations and industry events, and share threat intelligence with the wider community or represent Canonical in sector-specific governance bodies.

What you will do in this role:

• Implement and evolve Canonical's Security Operation Center
• Analyse and improve Canonical's security architecture
• Evaluate, select and implement new security tools and practices
• Identify, contain and guide the remediation of security threats and cyber attacks
• Grow the presence and thought leadership of Canonical SecOps practice
• Contribute to open source threat intelligence initiatives
• Drive threat modelling, table top exercises and other SecOps practices across Engineering, IS and Canonical
• Develop Canonical SecOps learning and development materials
• Publish blog posts, whitepapers and conference presentations
• Identify, implement and track SecOps KPIs
• Plan and deliver SecOps work in the framework of Canonical's agile engineering practice
• Work with Security leadership to present information and influence change
  
  

• An exceptional academic track record
• Undergraduate degree in Computer Science or STEM, or a compelling narrative about your alternative path
• Previous professional experience working or leading a Security Operation Center
• Deep personal motivation to be at the forefront of technology security
• Expertise in threat modelling and risk management frameworks
• Knowledge of security architecture and market-leading security tools
• Experience contributing to, and consuming, threat intelligence feeds
• Experience in security risk management frameworks such as NIST CSF and ISO27001
  
  

• Experience in a security operations team or a security operations centre (SOC)
• Experience in offensive or defensive security teams with hands-on ability
• Experience with state-actor and other advanced persistent threats
  
  

• Distributed work environment with twice-yearly team sprints in person
• Personal learning and development budget of USD 2,000 per year
• Annual compensation review
• Recognition rewards
• Annual holiday leave
• Maternity and paternity leave
• Employee Assistance Programme
• Opportunity to travel to new locations to meet colleagues
• Priority Pass, and travel upgrades for long haul company events
  
  

• Seniority level Mid-Senior level

• Employment type Full-time

• Job function Information Technology
• Industries Software Development

Referrals increase your chances of interviewing at Canonical by 2x

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

Join to apply for the Head of Security Operations role at Canonical

Continue with Google Continue with Google

Join to apply for the Head of Security Operations role at Canonical

This global leadership role in cyber security is to manage the Security Operations (SecOps) team responsible for design, implementation and evolution of Canonical security practices, techniques, tools, systems and policies. The team is the primary owner of strategy and practices that determine how Canonical secures its data, internal infrastructure and build processes. They are responsible for assuring the security and integrity of our own infrastructure and product deployments. They design and implement technical security controls that ensure security threats are automatically identified, contained and remediated. The team will also contribute ideas and requirements for Canonical product security, improving the resilience and robustness of all Ubuntu customers and users subject to cyber attack.

As a leader on cyber security in the company, the SecOps team manager will collaborate with our Organisational Learning and Development team to develop playbooks and facilitate SecOps training across Canonical. They will operate in a wider security organisation, run a high performing security team and improve Canonical's security posture. They will lead initiatives to integrate the team's insights into Canonical's broader software development process.

While this is a management position, we expect managers to be expert practitioners, able to lead by example, contribute at the highest level, and assess work based on their own professional experience and skill. Candidates should have deep, hands-on expertise with a range of open source and proprietary security tooling and practices, which they can integrate into a holistic next generation security solution across the breadth of Canonical's interests.

The SecOps team's mission is not only to secure Canonical, but also to contribute to the security of the wider open source ecosystem. They might share knowledge through public presentations and industry events, and share threat intelligence with the wider community or represent Canonical in sector-specific governance bodies.

This role reports to the CISO.

What you will do in this role:

• Hire and mentor a team of outstanding technical security professionals
• Define Canonical's SecOps security standards and playbooks
• Own and drive the architecture and design of the SOC
• Analyse and improve Canonical's security architecture
• Evaluate, select and implement new security tools and practices
• Identify, contain and guide the remediation of security threats and cyber attacks
• Grow the presence and thought leadership of Canonical SecOps practice
• Contribute to open source threat intelligence initiatives
• Drive threat modelling, table top exercises and other SecOps practices across Engineering, IS and Canonical
• Develop Canonical SecOps learning and development materials
• Publish blog posts, whitepapers and conference presentations
• Identify, implement and track SecOps KPIs
• Plan and deliver SecOps work in the framework of Canonical's agile engineering practice
• Work with Security leadership to present information and influence change
  
  

• Proven track record of mitigating with advanced threat actors and nation state threats
• Expert technical understanding of SOCs from the ground up
• In depth knowledge of SOC architecture and design including strategies for logging, firewalls, network segmentation, honeypots etc
• Someone who understands how the SOC works not just how to use it
• Expert in Linux security
• Ability to define, implement, automate and measure effective incident response playbooks
• Knowledge of security architecture and market-leading security tools
• Experience contributing to, and consuming, threat intelligence feeds
• Experience in security risk management frameworks such as NIST CSF
• An exceptional academic track record from both high school and university
• Undergraduate degree in Computer Science or STEM, or a compelling narrative about your alternative path
• Drive and a track record of going above-and-beyond expectations
• Deep personal motivation to be at the forefront of technology security
• Leadership and management ability
• Excellent business English writing and presentation skills
• Confidence to report security performance metrics with accountability for accuracy and completeness
  
  

• Experience in offensive or defensive security teams with hands-on ability
• Experience with open source security tools
• Experience with security standards such as ISO 27001
• Experience with security posture management of corporate endpoitns

• Seniority level Director

• Employment type Full-time

• Job function Other, Information Technology, and Management
• Industries Software Development

Referrals increase your chances of interviewing at Canonical by 2x

Get notified about new Head of Security jobs in Hong Kong SAR .

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

Join to apply for the Staff Security Operations Engineer role at Canonical

3 months ago Be among the first 25 applicants

Join to apply for the Staff Security Operations Engineer role at Canonical

Get AI-powered advice on this job and more exclusive features.

We have opened several senior/staff Security Operations Engineer (SOC) positions, creating a new team reporting to the CISO. We are looking for a range of experience in these positions - at the high end we are looking for deep experience defending highly contested critical assets and high-value cyber targets against advanced persistent threats and state-level actors. We have more junior roles for exceptional individuals with a proven personal interest an engagement in cyber attack and defence, and outstanding academic and career performance even if experience is limited.

Our goal is to build an entirely new level of assurance and observable rigour into the open source supply chain. We have our own estate to monitor, but more broadly our goal is to raise the robustness of the entire global Ubuntu estate through the work of this team.

The Security Operations (SecOps) team is responsible for design, implementation and evolution of Canonical security practices, techniques, tools, systems and policies. The team is the primary owner of strategy and practices that determine how Canonical secures its data, internal infrastructure and build processes. They are responsible for assuring the security and integrity of our own infrastructure and product deployments. They design and implement technical security controls that ensure security threats are automatically identified, contained and remediated. The team will also contribute ideas and requirements for Canonical product security, improving the resilience and robustness of all Ubuntu customers and users subject to cyber attack.

The SecOps team's mission is not only to secure Canonical, but also to contribute to the security of the wider open source ecosystem. They might share knowledge through public presentations and industry events, and share threat intelligence with the wider community or represent Canonical in sector-specific governance bodies.

What you will do in this role:

• Implement and evolve Canonical's SecOps security standards and playbooks
• Analyse and improve Canonical's security architecture
• Evaluate, select and implement new security tools and practices
• Identify, contain and guide the remediation of security threats and cyber attacks
• Grow the presence and thought leadership of Canonical SecOps practice
• Contribute to open source threat intelligence initiatives
• Drive threat modelling, table top exercises and other SecOps practices across Engineering, IS and Canonical
• Develop Canonical SecOps learning and development materials
• Publish blog posts, whitepapers and conference presentations
• Identify, implement and track SecOps KPIs
• Plan and deliver SecOps work in the framework of Canonical's agile engineering practice
• Work with Security leadership to present information and influence change
  
  

• An exceptional academic track record
• Undergraduate degree in Computer Science or STEM, or a compelling narrative about your alternative path
• Drive and a track record of going above-and-beyond expectations
• Deep personal motivation to be at the forefront of technology security
• Expertise in threat modelling and risk management frameworks
• Knowledge of security architecture and market-leading security tools
• Experience contributing to, and consuming, threat intelligence feeds
• Experience in security risk management frameworks such as NIST CSF
• Experience with security standards such as ISO 27001
  
  

• Experience in a security operations team or a security operations centre (SOC)
• Experience in offensive or defensive security teams with hands-on ability
• Experience with state-actor and other advanced persistent threats
  
  

• Distributed work environment with twice-yearly team sprints in person
• Personal learning and development budget of USD 2,000 per year
• Annual compensation review
• Recognition rewards
• Annual holiday leave
• Maternity and paternity leave
• Employee Assistance Programme
• Opportunity to travel to new locations to meet colleagues
• Priority Pass, and travel upgrades for long haul company events
  
  

• Seniority level Mid-Senior level

• Employment type Full-time

• Job function Information Technology
• Industries Software Development

Referrals increase your chances of interviewing at Canonical by 2x

Hong Kong, Hong Kong SAR
SGD24,000.00
-
SGD60,000.00
3 weeks ago

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

Join to apply for the Staff Security Operations Engineer role at Canonical

3 months ago Be among the first 25 applicants

Join to apply for the Staff Security Operations Engineer role at Canonical

Get AI-powered advice on this job and more exclusive features.

We have opened several senior/staff Security Operations Engineer (SOC) positions, creating a new team reporting to the CISO. We are looking for a range of experience in these positions - at the high end we are looking for deep experience defending highly contested critical assets and high-value cyber targets against advanced persistent threats and state-level actors. We have more junior roles for exceptional individuals with a proven personal interest an engagement in cyber attack and defence, and outstanding academic and career performance even if experience is limited.
Our goal is to build an entirely new level of assurance and observable rigour into the open source supply chain. We have our own estate to monitor, but more broadly our goal is to raise the robustness of the entire global Ubuntu estate through the work of this team.
The Security Operations (SecOps) team is responsible for design, implementation and evolution of Canonical security practices, techniques, tools, systems and policies. The team is the primary owner of strategy and practices that determine how Canonical secures its data, internal infrastructure and build processes. They are responsible for assuring the security and integrity of our own infrastructure and product deployments. They design and implement technical security controls that ensure security threats are automatically identified, contained and remediated. The team will also contribute ideas and requirements for Canonical product security, improving the resilience and robustness of all Ubuntu customers and users subject to cyber attack.
The SecOps team's mission is not only to secure Canonical, but also to contribute to the security of the wider open source ecosystem. They might share knowledge through public presentations and industry events, and share threat intelligence with the wider community or represent Canonical in sector-specific governance bodies.
What you will do in this role:

• Implement and evolve Canonical's SecOps security standards and playbooks
• Analyse and improve Canonical's security architecture
• Evaluate, select and implement new security tools and practices
• Identify, contain and guide the remediation of security threats and cyber attacks
• Grow the presence and thought leadership of Canonical SecOps practice
• Contribute to open source threat intelligence initiatives
• Drive threat modelling, table top exercises and other SecOps practices across Engineering, IS and Canonical
• Develop Canonical SecOps learning and development materials
• Publish blog posts, whitepapers and conference presentations
• Identify, implement and track SecOps KPIs
• Plan and deliver SecOps work in the framework of Canonical's agile engineering practice
• Work with Security leadership to present information and influence change
  

• An exceptional academic track record
• Undergraduate degree in Computer Science or STEM, or a compelling narrative about your alternative path
• Drive and a track record of going above-and-beyond expectations
• Deep personal motivation to be at the forefront of technology security
• Expertise in threat modelling and risk management frameworks
• Knowledge of security architecture and market-leading security tools
• Experience contributing to, and consuming, threat intelligence feeds
• Experience in security risk management frameworks such as NIST CSF
• Experience with security standards such as ISO 27001
  

• Experience in a security operations team or a security operations centre (SOC)
• Experience in offensive or defensive security teams with hands-on ability
• Experience with state-actor and other advanced persistent threats
  

• Distributed work environment with twice-yearly team sprints in person
• Personal learning and development budget of USD 2,000 per year
• Annual compensation review
• Recognition rewards
• Annual holiday leave
• Maternity and paternity leave
• Employee Assistance Programme
• Opportunity to travel to new locations to meet colleagues
• Priority Pass, and travel upgrades for long haul company events
  

• Seniority level Mid-Senior level

• Employment type Full-time

• Job function Information Technology
• Industries Software Development

Referrals increase your chances of interviewing at Canonical by 2x

Hong Kong, Hong Kong SAR
SGD24,000.00
-
SGD60,000.00
3 weeks ago

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

Join to apply for the (Senior) Security Operations Engineer role at OSL

1 day ago Be among the first 25 applicants

Join to apply for the (Senior) Security Operations Engineer role at OSL

Get AI-powered advice on this job and more exclusive features.

• Maintain and enhance cybersecurity tools and solutions, including SIEM, EDR, SOAR, Vulnerability Management, HIDS/NIDS technologies, Data Loss Prevention, Network Proxy and Open-Source Tools.
• Maintain and enhance log sources (e.g., firewalls, servers, endpoints, cloud platforms) for centralized monitoring, ensuring comprehensive visibility and correlation in SIEM platforms.
• Maintain secure configurations for network devices, proxies, and cloud infrastructure
• Automate security processes using scripting (e.g., Python, Bash) to enhance threat detection, log analysis, and incident response workflows.
• Conduct vulnerability assessments and support the end-to-end vulnerability management lifecycle, prioritizing remediation for critical systems.
• Integrate security controls into development pipelines, ensuring secure software development and deployment.
• Monitor and analyze security logs to detect anomalies, cross-referencing with approved domains and app traffic.
• Support digital forensic investigations and e-Discovery, analyzing logs and endpoints for evidence of compromise.

Requirement

• At least 5-8 years of experience in Information Security, Computer Science, or related field, or equivalent experience.
• Working Experience with SIEM, EDR, SOAR, Vulnerability Management, HIDS/NIDS technologies, Network Proxy and Open-Source Tools
• Strong scripting skills in Python, Bash, or similar languages for automation and log analysis.
• Experience with cloud security (e.g., AWS, GCP, Azure) and managing log sources from cloud platforms.
• Experience with DevSecOps and integrating security into CI/CD pipelines.
• Exposure to container security (e.g., Docker, Kubernetes) and cloud-native tools.
• Understanding of network protocols, firewall configurations, and secure proxies.
• Excellent problem-solving and analytical skills, with a focus on process automation.
• Ability to work under pressure, managing multiple priorities in a fast-paced environment.
• Collaborative mindset, working effectively with diverse teams to champion cybersecurity

• Seniority level Director

• Employment type Full-time

• Industries Securities and Commodity Exchanges

Referrals increase your chances of interviewing at OSL by 2x

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

Join to apply for the Cyber Security Operations Specialist role at Mox Bank

3 days ago Be among the first 25 applicants

Join to apply for the Cyber Security Operations Specialist role at Mox Bank

About Mox
Mox is built by and for the ones who aspire to live life to the fullest – we call them Generation Mox! The name Mox reflects the endless opportunities we can create, - Mobile eXperience; Money eXperience; Money X (multiplier), eXponential growth, eXploration… it’s all up for us to define together.

Application Deadline: 29 September 2025

Department: Technology-CDSIO

Location: Hong Kong (SAR)

• Design, implement, and maintain a range of cyber security solutions and technologies including configuration, troubleshooting, and optimisation, to ensure effective threat detection and response.
• Collaborate with internal stakeholders to ensure security solutions align with business objectives and security strategies.
• Stay current with the latest attacks, vulnerabilities, and industry best practices to enhance overall Security Operation procedures and processes.
• Analyse and prioritise security alerts from various sources, determining the severity and potential impact on the organization.
• Perform cyber security incident response, management, and investigations to mitigate risks and recover from security incidents.
• Conduct proactive threat hunting activities to identify and address potential security issues before they escalate.
• Create and maintain incident response playbooks and procedures to standardize responses to various types of security incidents.
• Drive technical management of digital forensic investigations and e-Discovery exercises to support incident response and legal requirements.
• Accountable for undertaking complex research and analysis of threat actors to understand their tactics, techniques, and procedures (TTPs).
• Manage the collection of relevant and actionable Threat Intelligence (TI) and enhance TI platforms to support decision-making.
• Strong focus on defensive and offensive research to strengthen security posture.
• Deliver and present intelligence to various stakeholders on Strategic, Tactical, Operational and Technical levels.
• Leverage Threat Intelligence (TI) to inform alert prioritisation and incident response decisions, adapting strategies based on emerging threats.
• Report writing and security awareness, especially relating to vulnerabilities, threat landscape, and intelligence.
• Conduct regular incident response simulations and tabletop exercises to assess readiness and improve response capabilities.
  

• Strong hands-on and technical experience across various core cyber security solutions and technologies: SIEM, EDR, VM, Secure Internet Proxies, Open-Source Technologies, OSINT
• The ability to see opportunities to improve, break them into logical pieces of work, and follow them through to execute at a technical level.
• Proven experience in responding to security incidents.
• Demonstrated capability in proactive threat hunting, utilising tools and techniques to uncover hidden threats within the environment.
• Strong understanding of network security principles and protocols
• Ability to analyse logs and events from operating systems and applications to identify suspicious activities and potential security incidents.
• Understanding of containerisation and their security implications.
• Understanding of various operating systems.
• Proficiency in at least one or more coding languages (Python, Java, etc.) would be ideal.
• A positive attitude and an eagerness to expand current cloud security knowledge.
• Commitment to ongoing professional development and staying updated on emerging threats, technologies, and industry trends.
• Strong team player to collaborate with a diverse team.
• A critical thinker, with strong problem-solving & analytical skills with an ability to enhance or automate processes including the threat intel platforms, sources, and tooling.
• 
  All personal data provided by applicants will be used for recruitment and other employment-related purposes only. Personal data of unsuccessful applicants will be erased within 24 months of rejection of the applicant’s application.

• Seniority level Mid-Senior level

• Employment type Full-time

• Job function Other, Information Technology, and Management
• Industries Banking

Referrals increase your chances of interviewing at Mox Bank by 2x

Get notified about new Security Operations Specialist jobs in Hong Kong, Hong Kong SAR .

Kwai Tsing District, Hong Kong SAR 2 weeks ago

Hong Kong SAR HK$17,925.00-HK$29,523.00 2 months ago

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

Join to apply for the Head of Security Operations role at Canonical

Continue with Google Continue with Google

Join to apply for the Head of Security Operations role at Canonical

This global leadership role in cyber security is to manage the Security Operations (SecOps) team responsible for design, implementation and evolution of Canonical security practices, techniques, tools, systems and policies. The team is the primary owner of strategy and practices that determine how Canonical secures its data, internal infrastructure and build processes. They are responsible for assuring the security and integrity of our own infrastructure and product deployments. They design and implement technical security controls that ensure security threats are automatically identified, contained and remediated. The team will also contribute ideas and requirements for Canonical product security, improving the resilience and robustness of all Ubuntu customers and users subject to cyber attack.
As a leader on cyber security in the company, the SecOps team manager will collaborate with our Organisational Learning and Development team to develop playbooks and facilitate SecOps training across Canonical. They will operate in a wider security organisation, run a high performing security team and improve Canonical's security posture. They will lead initiatives to integrate the team's insights into Canonical's broader software development process.
While this is a management position, we expect managers to be expert practitioners, able to lead by example, contribute at the highest level, and assess work based on their own professional experience and skill. Candidates should have deep, hands-on expertise with a range of open source and proprietary security tooling and practices, which they can integrate into a holistic next generation security solution across the breadth of Canonical's interests.
The SecOps team's mission is not only to secure Canonical, but also to contribute to the security of the wider open source ecosystem. They might share knowledge through public presentations and industry events, and share threat intelligence with the wider community or represent Canonical in sector-specific governance bodies.
This role reports to the CISO.
What you will do in this role:

• Hire and mentor a team of outstanding technical security professionals
• Define Canonical's SecOps security standards and playbooks
• Own and drive the architecture and design of the SOC
• Analyse and improve Canonical's security architecture
• Evaluate, select and implement new security tools and practices
• Identify, contain and guide the remediation of security threats and cyber attacks
• Grow the presence and thought leadership of Canonical SecOps practice
• Contribute to open source threat intelligence initiatives
• Drive threat modelling, table top exercises and other SecOps practices across Engineering, IS and Canonical
• Develop Canonical SecOps learning and development materials
• Publish blog posts, whitepapers and conference presentations
• Identify, implement and track SecOps KPIs
• Plan and deliver SecOps work in the framework of Canonical's agile engineering practice
• Work with Security leadership to present information and influence change
  

• Proven track record of mitigating with advanced threat actors and nation state threats
• Expert technical understanding of SOCs from the ground up
• In depth knowledge of SOC architecture and design including strategies for logging, firewalls, network segmentation, honeypots etc
• Someone who understands how the SOC works not just how to use it
• Expert in Linux security
• Ability to define, implement, automate and measure effective incident response playbooks
• Knowledge of security architecture and market-leading security tools
• Experience contributing to, and consuming, threat intelligence feeds
• Experience in security risk management frameworks such as NIST CSF
• An exceptional academic track record from both high school and university
• Undergraduate degree in Computer Science or STEM, or a compelling narrative about your alternative path
• Drive and a track record of going above-and-beyond expectations
• Deep personal motivation to be at the forefront of technology security
• Leadership and management ability
• Excellent business English writing and presentation skills
• Confidence to report security performance metrics with accountability for accuracy and completeness
  

• Experience in offensive or defensive security teams with hands-on ability
• Experience with open source security tools
• Experience with security standards such as ISO 27001
• Experience with security posture management of corporate endpoitns

• Seniority level Director

• Employment type Full-time

• Job function Other, Information Technology, and Management
• Industries Software Development

Referrals increase your chances of interviewing at Canonical by 2x

Get notified about new Head of Security jobs in Hong Kong SAR .

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.