What Jobs are available for Software Security in Hong Kong?

About OKX
At OKX, we believe that the future will be reshaped by Crypto, ultimately contributing to every individual's freedom. OKX began as a crypto exchange giving millions of people access to crypto trading and over time becoming among the largest platforms in the world. In recent years, we have developed one of the most connected Web3 wallets used by millions to access decentralized crypto applications (dApps). OKX is a trusted brand by hundreds of large institutions seeking access to crypto markets on a reliable platform that seamlessly connects with global banking and payments. In the last year, OKX has expanded into new markets including Australia, Brazil, Netherlands, Singapore and Turkey, with plans to launch in the US, Belgium and the UAE.

We are deeply committed to shaping a fairer, more transparent and accessible society through blockchain technology. This is why we publish proof of reserves monthly, and continue to ship new innovative security features.

Responsibilities

• Identify and address security vulnerabilities in code, systems, and networks using manual review, automated tools, and threat modeling.
• Manage and optimize application security tools, processes, and alerts.
• Validate and respond to Bug Bounty submissions.
• Stay informed on the latest offensive security techniques, application security threats, and best practices, and suggest improvements to enhance our security posture.
• Produce detailed reports of your findings, present them to both management and technical teams, and contribute to preventing real-world attacks.
• Collaborate with development teams to implement secure coding practices.
• Work alongside other teams, including operations and compliance, to ensure that security is a consistent priority across the organization.
• Participate in incident response and management activities.

Qualifications

• 3+ years of experience in offensive security techniques.
• In-depth understanding of security risks, vulnerabilities, and concepts in web and mobile applications.
• Proficient in code review, particularly with Kotlin/Swift/Typescript/JavaScript, with a strong grasp of application security threats.
• Ability to create proof-of-concepts (PoCs) to demonstrate vulnerabilities, review patch code for adherence to standards, and collaborate with repository owners and maintainers.
• Strong analytical and problem-solving abilities.
• Excellent verbal and written communication skills.

Nice-to-have

• Prior experience in developing mobile security SDKs with a daily active user base of over ten million is preferred.
• Participated in large-scale business risk control projects, or have practical experience in threat intelligence/business risk prevention, and analysis/countermeasures against black and gray industries.
• In-depth reverse engineering of major apps from first-tier vendors, or other experiences/projects that demonstrate reverse engineering capabilities.
• Priority given to candidates who can simultaneously master relevant technologies on multiple platforms.
• Proficient in ARM assembly, capable of deep-level countermeasures at the native and application layers.
• Have certain capabilities in device fingerprint recognition, able to simulate new devices through methods such as flashing, modification, and application cloning.

Perks & Benefits

• Competitive total compensation package
• L&D programs and Education subsidy for employees' growth and development
• Various team building programs and company events
• More that we love to tell you along the process

Information collected and processed as part of the recruitment process of any job application you choose to submit is subject to OKX's Candidate Privacy Notice.

(Senior) Security Engineer

Responsibilities:

 Support various network security technologies, and have extensive experience in

installing, configuring, managing network security products like Firewalls, Application

security, virtual networking, VPN, SASE, SSE, EDR and cloud / virtualization platforms

Design, plan, document and oversee all aspects of complex network design and

implementation project involving diverse technologies

rovide comprehensive guidance for developing and modifying security solutions

anage multiple projects effectively and work calmy under pressure

nvestigate, troubleshoot and resolve network and security incidents

erve as a point of escalation and assist engineers with projects and security cases

evelop documentation manual and provide training to customers

d-hoc emergency support during non-office hours is required

Requirements:

igher diploma or above in telecommunications, information technology, computer science

or related discipline

roficient in Cisco, Fortinet, Checkpoint and Palo Alto Network Security Technologies and

other its cybersecurity product solution

inimum of 4 year(s) of relevant in -dept work experience in Network Security and

Cybersecurity, such as SSE, SASE, VPN, ZTNA, and other network related technology

solution

nowledge of SIEM, SOAR, EDR/XDR, DLP, CASB and WAF

older certification in Network Security product as such Cisco, Fortinet, Checkpoint, Palo

Alto, Zscaler and Microsoft etc.

trong problem solving, analytical, interpersonal and communication skills in both written

and verbal Cantonese, English and Mandarin

• Network Engineer

Responsibilities:

• Primary responsible for Network projects roll out, include Network (LAN/WAN), Wireless and network security and documentation
• Provide daily operations support , troubleshooting and maintenance services including servers and network issue
• Escalation support and co-operate with the operation team on daily operation
• Carry out emergency duties and ad hoc tasks

Requirements:

• Degree holder or above in telecommunications, information technology, computer science or related discipline
• Solid experience on Network (LAN/WAN), switch, router, wireless and security
• Holder of Cisco CCNA / CCNP will be advantage
• Preferred with 2-3 year(s) of work experience in IT or telecommunication industry
• Good command of spoken and written English and Chinese

工作類型: 全職, 兼職, 長工

薪酬: $25,000.00至$50,000.00(每月)

福利:

• 牙科保險
• 視力保險
• 醫療保險

Work Location: 親身到場

Role: Information Security Engineer

Location:
Hong Kong (Hybrid)

Level:
Senior / AVP

Comp:
Competitive + Excellent Benefits

A high-performing, global trading firm is looking for a hands-on Security Engineer to help build and evolve security across cloud, on-prem, and crypto-facing environments. This isn't a checkbox role, you'll be embedded in a deeply technical engineering culture, trusted to design, implement, and improve core security infrastructure from the ground up.

What you'll be working on:

• Securing high-performance environments: CI/CD, K8s, cloud infra, low-latency systems
• Hardening systems: ZTNA, micro-segmentation, secrets management, Vault
• Writing tooling and automations in Python (mandatory)
• Building and tuning detections, EDR/XDR, SIEM rules, SOAR integrations
• Assessing and securing crypto custody, wallet transfer processes, key management
• Owning documentation, playbooks, threat models, and secure architecture reviews

What we're looking for:

• Deep engineering mindset — someone who understands systems and writes clean code
• Solid experience in cloud security, Unix/Linux environments, and secure infra design
• Track record across at least 3 of: detection engineering, secrets mgmt, K8s security, cloud hardening, crypto/DeFi, or SDLC security
• Comfort working in fast-paced, low-ego technical teams where trust and clarity matter
• Bonus: certifications (GCSA, CKS, GCPN), open-source contributions, threat modeling skills

This is a serious environment, built for engineers who want to own high-impact security work and work alongside others who care about doing things right.

If that sounds like you, reach out directly. Confidential chats welcome.

Join the Pioneer Crypto Brand in the Philippines

Coins is the most established crypto brand in The Philippines and has gained the trust of more than 18 million users. Through the easy-to-use mobile app, users can buy and sell a variety of different cryptocurrencies and access a wide range of financial services.

Coins is fully regulated by the Bangko Sentral ng Pilipinas (BSP) and is the first ever crypto-based company in Asia to hold both Virtual Currency and Electronic Money Issuer licenses from a central bank.

• Conduct comprehensive penetration testing on company applications and systems, and organize regular attack-defense drills.
• Test and bypass the defense technologies of the company's blue team to enhance the security protection level.
• Research offensive and defensive technologies, track and analyze cutting-edge industry technologies, and introduce excellent security technologies and tools.
• Participate in the construction of security capabilities, including detection rules, monitoring strategies, and intrusion traceability.
• Build and drill countermeasures and TTPs (Tactics, Techniques, and Procedures) based on real threat intelligence and industry APT behavior models.

• Possess more than 5 years of practical experience in attack and defense, and be able to independently complete penetration testing work.
• Familiar with common internal network attack ideas and methods, have internal network penetration and domain penetration capabilities with successful cases.
• Have practical experience in AWS cloud environment penetration, container and Kubernetes security attack and defense.
• Familiar with Linux/Windows system principles, databases and related technologies, and proficient in command execution and privilege escalation techniques.
• Familiar with mainstream Web frameworks and capable of code auditing and vulnerability mining (java/go/python).
• Have practical experience in red and blue team exercises.
• Be able to write scripts or tools for automated exploitation and basic tool development.

Join the Coins Team Now

Meaningful Collaborations - The successful candidate will work cross-functionally with other relevant teams to carry out implementations that will improve and create an impact on customer experience.

Scalable Growth - Be part of a fast-growing organization with the vision to expand its territories outside APAC which will provide opportunities for career advancement.

A Space For Bright Ideas - Let your bright ideas be converted into meaningful changes Coins culture welcomes new ideas backed up by data to create an impact.

New Role - Security Engineer - Hong Kong or Singapore Based

Security Engineer -
12 Month Rolling Contract
- Ideally going permanent.

Location:
Hong Kong or Singapore.

Salary: Paying around
65,000
(however open to
paying more
dependant on experience).

My client require candidates with the following:

• Direct firewall Management
• SIEM / EDR tools
• Hands on experience with core tools / migration of tools
• Cyber tools configuration, deployment and support
• Incident Response
• Infrastructure
• Network Security

Apply now to learn more about the role and who DVF are currently partnering with

Responsibilities:

• Responsible for project deployment of SIEM solutions, security services.
• Occasional on-site support
• Provide 1st support & troubleshooting of security services
• Any ad-hoc tasks assigned by supervisor

Qualifications:

• Higher diploma / Associate degree holder or above in IT, computer science or other related disciplines.
• 1-2 years or above working experience would be an advantage
• Willing to work in shift duty
• Hands-on technical experience on security solutions, Linux, Windows would be an advantage
• Holder of professional certifications would be an advantage
• Willing to learn new technologies and strong problem-solving skills
• Fluent in Chinese, with proficiency in English an advantage
• Fresh graduate is also welcome

About the Role:

We are looking for a dedicated Security Engineer to manage and enhance our security posture. You will be responsible for the operation of security devices, threat detection, incident response, data security, and ensuring compliance with security standards.

Responsibilities:

·    Manage the daily operation and maintenance of security devices, including firewalls, Intrusion Detection/Prevention Systems (IDS/IPS), Web Application Firewalls (WAF), Security Information and Event Management (SIEM) systems. This includes performing inspections, troubleshooting, and optimizing configurations.

·    Analyze security logs and monitor network traffic. Optimize threat detection rules and screen for false positives to continuously improve security detection capabilities.

·    Develop and refine security monitoring strategies based on business scenarios. Improve security operation processes to enhance the efficiency of threat identification and response.

·    Oversee data security operations, conduct data security risk assessments for specific business lines, analyze anomalous behavior, and formulate data security policies.

·    Lead security incident detection, response, investigation, and forensic analysis. Prepare detailed security analysis reports and recommend preventative measures.

·    Stay current with the latest security threats and vulnerabilities. Continuously optimize the security framework to strengthen the company's overall security defenses.

·    Collaborate with internal and external audits and compliance initiatives. Provide security compliance support to ensure business adherence to relevant security standards and regulations.

Qualifications:

·    Bachelor's degree or higher in Cybersecurity, Computer Science, or a related discipline, or equivalent practical experience.

·    Familiarity with the operation and management of mainstream security devices (e.g., firewalls, IDS/IPS, WAF, SIEM).

·    Strong understanding of network security protocols (TCP/IP, HTTP, SSL/TLS) and knowledge of security offensive and defensive techniques.

·    Ability to analyze threat intelligence. Experience with security log analysis, network traffic monitoring, and anomaly detection.

·    Understanding of data security principles, encryption technologies, and access control.

·    Experience with security incident response and forensic analysis.

Job Responsibilities

• Collaborate with Security Operation Center, Security Consulting team and customer's stakeholders to deliver and deploy professional security services or solution
• Provide professional security advisory service and troubleshoot recommendation to customers by designing and proposing security solutions
• Assist the review of customer's overall IT security architecture, security solution design and security operation process
• Prepare and document standard operating procedures and reports for further security enhancements
• Support external and internal security audit

Requirements

• High diploma or above in IT / Computer Science or related disciplines
• 3 year or above relevant experience in IT security
• Possess security professional certification (CISSP, CCSK, CCSP, CISA, CISM, etc.) is an advantage
• It will be an advantage to possess the following, but not a must: o Palo Alto o Fortinet o Splunk o IBM o ELK
• Proficiency in writing technical specifications are required
• A good team player, self-motivated and can work independently
• Good communication, interpersonal and problem solving skills
• Good command of written and spoken English and Chinese -- Cantonese speaking is required, Mandarin speaking is a plus

Working Location

• Shek Mun

Working Hour

• 9am-6pm , Mon -Fri

Automated Systems (H.K.) Limited (ASL) has a distinguished and proud reputation of more than 40 years of successful business in Hong Kong and surrounding regions with our customers, partners and vendors.

We have subsidiaries and associates in a number of locations, including Hong Kong, mainland China, Taiwan, Macau, Thailand, Singapore, Malaysia, Europe and the United States.

Since our founding in 1973 and our subsequent public listing on the Stock Exchange of Hong Kong Limited in 1997 under the name of Automated Systems Holdings Limited ("The ASL Group") (HKEx stock code: 771), we are well recognized as a leading global IT solutions and services provider for organizations of all sizes and across all industries.

The ASL Group's ultimate controlling shareholder is Beijing Teamsun Technology Co. Ltd. ("Teamsun") whose shares are listed on the Shanghai Stock Exchange (Stock Code: The Group is a member of the Teamsun Group which recorded turnover with over RMB 5.0 billion and has over 5,000 employees.

With over 2,000 regional employees and an extensive network of leading global partners with whom we have invested heavily over many years, we are able to offer customers a wide range of innovative solutions and services tailored to their specific business needs.

For details, please visit to our company web site at

Job Responsibilities

Collaborate with Security Operation Center and Security Consulting team and customer's stakeholders to deliver and deploy professional security services or solutions

Engineer, implement and monitor security measures for the protection of computer systems, networks, and information

Provide professional security advisory service and troubleshoot recommendation to customers by designing and proposing security solutions

Assist the review of customer's overall IT security architecture, security solution design and security operation process

Prepare and document standard operating procedures and reports for further security enhancements

Support external and internal security audit

Guide and mentor other junior Engineers in the team

May require providing 24x7 on call assistance/duty in responding to security incidents

Requirements

Degree or above in IT / Computer Science or related disciplines

3 years or above relevant experience in IT security

Possess security professional certification (CISSP, CCSK, CCSP, CISA, CISM, etc.) is an advantage

Effective verbal and written communication skills and proficiency in writing technical specifications are required

It will be an advantage to possess the following, but not a must: Palo Alto, Fortinet, Splunk, IBM , ELK

A good team player, self-motivated and can work independently with minimal supervision

Good communication, interpersonal and problem solving skills

Good command of written and spoken English and Chinese -- Cantonese speaking is required, Mandarin speaking is a plus

Candidate with less experience would be considered as security engineer

We offer 5-day week, excellent career opportunities, remuneration and benefits to the right candidates. If you have the desire for an exciting and rewarding career, please send us your resume, stating your notice period, present and expected salary to Human Resources Department by clicking "Apply Now".

To learn us more, please visit our website:

We are an equal opportunity employer. All applications will be treated in strict confidence. We regret that only shortlisted candidates will be notified. All personal data will be destroyed within six months after the selection process.

Full-time