52 Threat Detection jobs in Hong Kong

2 days ago Be among the first 25 applicants

Direct message the job poster from Kerry Consulting

We are seeking a strategic and hands-on Vulnerability Management Lead to lead our client's vulnerability management program. This role is responsible for designing, implementing, and continuously improving our vulnerability identification, assessment, and remediation processes to reduce risk across our enterprise environment.

You will work closely with stakeholders across IT, Security Operations, Governance, Risk & Compliance (GRC), and Application Development to ensure timely and effective remediation of vulnerabilities, while also establishing metrics, governance frameworks, and reporting mechanisms to track risk reduction and program effectiveness.

We would be open to relocating candidates to Hong Kong for this role.

Responsibilities:

• Lead the end-to-end vulnerability management lifecycle, including identification, prioritization, remediation, and reporting of vulnerabilities across infrastructure, applications, cloud, and endpoint environments.
• Define and implement vulnerability management strategy and roadmap, aligning with overall cybersecurity goals and risk posture.
• Develop and maintain governance frameworks, including policies, standards, and procedures related to vulnerability scanning, assessment, and remediation.
• Coordinate vulnerability scanning and threat intelligence tools (e.g., Qualys, Tenable, Rapid7, etc.) to ensure accurate and timely detection.
• Establish strong collaboration with Infrastructure, DevOps, Cloud, and Application Security teams to drive timely and risk-based remediation of vulnerabilities.
• Report on vulnerability management metrics, trends, and risk indicators to senior leadership and stakeholders, including compliance with internal SLAs and regulatory obligations.
• Stay current with emerging threats, vulnerabilities, and industry best practices to evolve the program proactively.
• Lead or participate in vulnerability-related incident response efforts, root cause analysis, and lessons learned.
• Oversee vulnerability assessments and penetration testing activities, whether internally executed or via third-party vendors.
• Engage with auditors and regulators as needed to demonstrate controls and effectiveness of the vulnerability management program.

Requirements:

• Bachelor's or Master's degree in Cybersecurity, Computer Science, Information Systems, or related field.
• 10+ years of experience in information security, with at least 5 years in vulnerability management with recent leadership experience.
• Proven experience building and scaling vulnerability management programs in a complex enterprise.
• Strong understanding of risk-based vulnerability prioritization, CVSS scoring, threat intelligence integration, and exploitability context.
• Hands-on experience with common tools: Qualys, Tenable, Rapid7, Nexpose, Burp Suite, etc.
• Familiarity with frameworks and standards such as NIST, CIS Controls, ISO 27001, and relevant regulatory requirements.

To apply:

If you're interested to apply or find out more, please share across your CV or reach out to Chen Yi at for a discussion. Due to anticipated high volume of applications, we regret to inform that only shortlisted candidates will be notified.

Reg: R1876389

Lic: 16S8060

• Seniority level Mid-Senior level

• Employment type Full-time

• Job function Information Technology
• Industries Information Services

Referrals increase your chances of interviewing at Kerry Consulting by 2x

Hong Kong SAR HK$32,000.00-HK$6,000.00 2 weeks ago

Hong Kong SAR HK 17,925.00-HK 29,523.00 2 months ago

Kwai Tsing District, Hong Kong SAR 2 hours ago

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

2 days ago Be among the first 25 applicants

We're seeking a Regional Vulnerability Management Project Coordinator to lead the APAC vulnerability management initiatives. In this role, you'll transform raw security data into actionable insights while ensuring flawless execution of global cybersecurity standards across local implementations.

Main Responsibilities

Program Coordination

• Support the regional execution of the global vulnerability and compliance management program
• Establish and maintain project governance frameworks for IT Operations departments
• Oversee end-to-end vulnerability operations (scoping, scanning, reporting, stakeholder coordination)

Stakeholder & Remediation Management

• Partner with local teams to optimize organizational processes and remediation workflows
• Govern Business IT departments' vulnerability remediation activities
• Assess and mitigate security risks from vulnerabilities and compliance gaps
• Deliver regular updates to global/regional stakeholders, including C-level executives
• Provide field insights to the Programme Lead to shape APAC strategy

Training & Enablement

• Develop training materials and conduct awareness sessions on VM tools/reports
• Drive adoption of vulnerability management procedures across stakeholders
• Translate technical findings into actionable business recommendations

Qualifications & Experience

• 5-7 years of hands-on vulnerability management experience, including comprehensive understanding of vulnerability assessment lifecycle (scanning, analysis, prioritization, remediation tracking) and interpretation of security findings across platforms.
• Proficiency in data visualization tools (PowerBI, Tableau) for security reporting
• Demonstrated success managing complex, cross-functional security initiatives
• Exceptional communication skills with ability to present to technical and executive audiences
• Strong attention to detail with ability to maintain accuracy in fast-paced environments
• Knowledge of Qualys, Nexpose, or similar vulnerability assessment platforms is good to have.
• Financial services or highly regulated industry experience is preferred but not mandatory.
• Relevant certifications are a plus (CISSP, CISM, CRISC)

• Seniority level Mid-Senior level

• Employment type Full-time

• Job function Information Technology
• Industries IT Services and IT Consulting, Financial Services, and Banking

Referrals increase your chances of interviewing at We+ Asia by 2x

Central & Western District, Hong Kong SAR 3 weeks ago

Wan Chai District, Hong Kong SAR 3 weeks ago

Central & Western District, Hong Kong SAR 9 months ago

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

Join to apply for the Senior Technical Manager, Vulnerability Management role at The Hong Kong Jockey Club

1 day ago Be among the first 25 applicants

Join to apply for the Senior Technical Manager, Vulnerability Management role at The Hong Kong Jockey Club

Get AI-powered advice on this job and more exclusive features.

• Managing the VM Team in the aspects of continuous Infrastructure Vulnerability Scanning & Configuration Compliance (for Platforms, Database, Networks and Voice), Penetration Testing and Scanning for Application & Infrastructure Security and Development, Security & Operations (DevSecOps), through hiring, training, coaching, objective setting and performance management of team members
• Managing the external service providers and product vendors, ensuring the appropriate service level performance is established, monitored and met
• Provide oversight on the handling of vulnerabilities identified, ensuring appropriate priority is given to effectively remediate the vulnerabilities within the agreed timelines
• Ensure the relevant and adequate coverage of vulnerability intelligence, to assess the vulnerabilities in the Club’s context and the external threat landscape
• Ensure the vulnerability management services provided for applications (incl. DevSecOps) and infrastructure are operating effectively
• Continuously identify control and coverage gaps, and improvement initiatives to uplift the Vulnerability Management service
• Develop and present the VM metrics, reports and service highlights to the business and IT stakeholders
• Act as the lead during actively exploited or critical severity vulnerabilities being identified, lead the development of the vulnerability response plan and oversee the implementation of it
  
  
  

• Managing the VM Team in the aspects of continuous Infrastructure Vulnerability Scanning & Configuration Compliance (for Platforms, Database, Networks and Voice), Penetration Testing and Scanning for Application & Infrastructure Security and Development, Security & Operations (DevSecOps), through hiring, training, coaching, objective setting and performance management of team members
• Managing the external service providers and product vendors, ensuring the appropriate service level performance is established, monitored and met
• Provide oversight on the handling of vulnerabilities identified, ensuring appropriate priority is given to effectively remediate the vulnerabilities within the agreed timelines
• Ensure the relevant and adequate coverage of vulnerability intelligence, to assess the vulnerabilities in the Club’s context and the external threat landscape
• Ensure the vulnerability management services provided for applications (incl. DevSecOps) and infrastructure are operating effectively
• Continuously identify control and coverage gaps, and improvement initiatives to uplift the Vulnerability Management service
• Develop and present the VM metrics, reports and service highlights to the business and IT stakeholders
• Act as the lead during actively exploited or critical severity vulnerabilities being identified, lead the development of the vulnerability response plan and oversee the implementation of it
  
  
  

• Degree in Computer Science, Information Security, and/or related discipline
• 12 years or more of working experience in the related field, with at least 5 years in the Vulnerability Management domain across various disciplines, including leading and managing teams
• Strong experience covering Vulnerability Management services and required operating procedures
• High degree of logical and analytical thinking skills, particularly on the different categories of vulnerabilities and how they work
• Strong service and customer-focused approach to the service being delivered
• Excellent interpersonal, collaborative and communication skills
• Well-disciplined with exemplary professional competence and integrity
• Experience with the following services and technologies – Vulnerability Assessment, DevSecOps, Pen-Testing, Secure Code Review, Attack Surface Management, Red Team
• Industry-recognised certification in one or more of the following – CISSP, CISM, etc.
  
  
  

• Seniority level Mid-Senior level

• Employment type Full-time

• Job function Engineering and Information Technology
• Industries Non-profit Organizations

Referrals increase your chances of interviewing at The Hong Kong Jockey Club by 2x

Get notified about new Senior Technical Manager jobs in Sha Tin District, Hong Kong SAR .

Sha Tin District, Hong Kong SAR 1 day ago

Sha Tin District, Hong Kong SAR 17 hours ago

Tsim Sha Tsui, Hong Kong SAR 3 months ago

Sha Tin District, Hong Kong SAR 2 weeks ago

Shek Pik, Hong Kong SAR HK$40,000.00-HK$70,000.00 1 month ago

Islands District, Hong Kong SAR 8 months ago

Kwai Tsing District, Hong Kong SAR 3 days ago

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

2 days ago Be among the first 25 applicants

We're seeking a Regional Vulnerability Management Project Coordinator to lead the APAC vulnerability management initiatives. In this role, you'll transform raw security data into actionable insights while ensuring flawless execution of global cybersecurity standards across local implementations.

Main Responsibilities

Program Coordination

• Support the regional execution of the global vulnerability and compliance management program
• Establish and maintain project governance frameworks for IT Operations departments
• Oversee end-to-end vulnerability operations (scoping, scanning, reporting, stakeholder coordination)

Stakeholder & Remediation Management

• Partner with local teams to optimize organizational processes and remediation workflows
• Govern Business IT departments' vulnerability remediation activities
• Assess and mitigate security risks from vulnerabilities and compliance gaps
• Deliver regular updates to global/regional stakeholders, including C-level executives
• Provide field insights to the Programme Lead to shape APAC strategy

Training & Enablement

• Develop training materials and conduct awareness sessions on VM tools/reports
• Drive adoption of vulnerability management procedures across stakeholders
• Translate technical findings into actionable business recommendations

Qualifications & Experience

• 5-7 years of hands-on vulnerability management experience, including comprehensive understanding of vulnerability assessment lifecycle (scanning, analysis, prioritization, remediation tracking) and interpretation of security findings across platforms.
• Proficiency in data visualization tools (PowerBI, Tableau) for security reporting
• Demonstrated success managing complex, cross-functional security initiatives
• Exceptional communication skills with ability to present to technical and executive audiences
• Strong attention to detail with ability to maintain accuracy in fast-paced environments
• Knowledge of Qualys, Nexpose, or similar vulnerability assessment platforms is good to have.
• Financial services or highly regulated industry experience is preferred but not mandatory.
• Relevant certifications are a plus (CISSP, CISM, CRISC)

• Seniority level Mid-Senior level

• Employment type Full-time

• Job function Information Technology
• Industries IT Services and IT Consulting, Financial Services, and Banking

Referrals increase your chances of interviewing at We+ Asia by 2x

Central & Western District, Hong Kong SAR 3 weeks ago

Wan Chai District, Hong Kong SAR 3 weeks ago

Central & Western District, Hong Kong SAR 9 months ago

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

Join to apply for the Senior Technical Manager, Vulnerability Management role at The Hong Kong Jockey Club

1 day ago Be among the first 25 applicants

Join to apply for the Senior Technical Manager, Vulnerability Management role at The Hong Kong Jockey Club

Get AI-powered advice on this job and more exclusive features.

• Managing the VM Team in the aspects of continuous Infrastructure Vulnerability Scanning & Configuration Compliance (for Platforms, Database, Networks and Voice), Penetration Testing and Scanning for Application & Infrastructure Security and Development, Security & Operations (DevSecOps), through hiring, training, coaching, objective setting and performance management of team members
• Managing the external service providers and product vendors, ensuring the appropriate service level performance is established, monitored and met
• Provide oversight on the handling of vulnerabilities identified, ensuring appropriate priority is given to effectively remediate the vulnerabilities within the agreed timelines
• Ensure the relevant and adequate coverage of vulnerability intelligence, to assess the vulnerabilities in the Club’s context and the external threat landscape
• Ensure the vulnerability management services provided for applications (incl. DevSecOps) and infrastructure are operating effectively
• Continuously identify control and coverage gaps, and improvement initiatives to uplift the Vulnerability Management service
• Develop and present the VM metrics, reports and service highlights to the business and IT stakeholders
• Act as the lead during actively exploited or critical severity vulnerabilities being identified, lead the development of the vulnerability response plan and oversee the implementation of it
  

• Managing the VM Team in the aspects of continuous Infrastructure Vulnerability Scanning & Configuration Compliance (for Platforms, Database, Networks and Voice), Penetration Testing and Scanning for Application & Infrastructure Security and Development, Security & Operations (DevSecOps), through hiring, training, coaching, objective setting and performance management of team members
• Managing the external service providers and product vendors, ensuring the appropriate service level performance is established, monitored and met
• Provide oversight on the handling of vulnerabilities identified, ensuring appropriate priority is given to effectively remediate the vulnerabilities within the agreed timelines
• Ensure the relevant and adequate coverage of vulnerability intelligence, to assess the vulnerabilities in the Club’s context and the external threat landscape
• Ensure the vulnerability management services provided for applications (incl. DevSecOps) and infrastructure are operating effectively
• Continuously identify control and coverage gaps, and improvement initiatives to uplift the Vulnerability Management service
• Develop and present the VM metrics, reports and service highlights to the business and IT stakeholders
• Act as the lead during actively exploited or critical severity vulnerabilities being identified, lead the development of the vulnerability response plan and oversee the implementation of it
  

• Degree in Computer Science, Information Security, and/or related discipline
• 12 years or more of working experience in the related field, with at least 5 years in the Vulnerability Management domain across various disciplines, including leading and managing teams
• Strong experience covering Vulnerability Management services and required operating procedures
• High degree of logical and analytical thinking skills, particularly on the different categories of vulnerabilities and how they work
• Strong service and customer-focused approach to the service being delivered
• Excellent interpersonal, collaborative and communication skills
• Well-disciplined with exemplary professional competence and integrity
• Experience with the following services and technologies – Vulnerability Assessment, DevSecOps, Pen-Testing, Secure Code Review, Attack Surface Management, Red Team
• Industry-recognised certification in one or more of the following – CISSP, CISM, etc.
  

• Seniority level Mid-Senior level

• Employment type Full-time

• Job function Engineering and Information Technology
• Industries Non-profit Organizations

Referrals increase your chances of interviewing at The Hong Kong Jockey Club by 2x

Get notified about new Senior Technical Manager jobs in Sha Tin District, Hong Kong SAR .

Sha Tin District, Hong Kong SAR 1 day ago

Sha Tin District, Hong Kong SAR 17 hours ago

Tsim Sha Tsui, Hong Kong SAR 3 months ago

Sha Tin District, Hong Kong SAR 2 weeks ago

Shek Pik, Hong Kong SAR HK$40,000.00-HK$70,000.00 1 month ago

Islands District, Hong Kong SAR 8 months ago

Kwai Tsing District, Hong Kong SAR 3 days ago

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

4 days ago Be among the first 25 applicants

We are seeking a diligent and proactive Information Security Officer to oversee and maintain the operational integrity, security, and compliance of our secured room facilities. This role is critical in supporting ongoing monitoring, access control, and administrative processes to ensure the highest standards of safety and regulatory compliance are met.

Your Role

• Conduct monthly inspection of access logs and CCTV reviews to ensure adherence to security protocols.
• Manage user access applications on a bi-weekly or ad hoc basis, in line with corporate access governance procedures.
• Complete and maintain a monthly secured room checklist, covering physical and operational controls.
• Perform monthly access inventory assessments, including user recertification activities. • Address administrative and technical issues such as network or hardware incidents on an ad hoc basis.
• Coordinate monitoring and inspection of the Foshan secured room (monthly and as needed).
• Perform daily monitoring of security guard performance and escalate concerns when appropriate.
• Assist in implementing security control enhancements such as mobile device management (MDM), two-factor authentication (2FA), and ID verification improvements

To Succeed in this Role

• Bachelor’s degree in Information Security, Computer Science, Information Technology, or a related field.
• Minimum of 3 years of experience in information security, risk management, or a related role.
• Knowledge of network security principles and incident response procedures.
• Excellent analytical skills with the ability to assess security risks and implement effective mitigation strategies.
• Strong problem-solving abilities to address technical and administrative issues as they arise.
• Effective verbal and written communication skills to convey security policies and procedures clearly to stakeholders.

• Seniority level Mid-Senior level

• Employment type Contract

• Job function Information Technology
• Industries Software Development, Information Services, and Technology, Information and Media

Referrals increase your chances of interviewing at PCCW by 2x

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

Join to apply for the Information Security Manager role at Michael Page .

1 day ago Be among the first 25 applicants.

Our client is a well-established organization within the financial services sector. With a large workforce and a solid market presence in Hong Kong, they are committed to maintaining high standards in technology and information security.

As a 'Manager, Information Security,' your main responsibilities will include:

• Overseeing the implementation and maintenance of the bank's information security systems.
• Conducting regular audits and risk assessments to ensure adherence to security protocols.
• Developing and implementing information security policies and procedures.
• Training and mentoring staff on information security best practices.
• Conducting cybersecurity assessments, including penetration testing and infrastructure/web application reviews.
• Managing and maintaining security systems such as firewalls, NAC, IPS, and SIEM.
• Leading and coordinating information security projects across departments.
• Managing incident responses and investigations into security breaches.
• Staying updated on the latest trends and developments in information security.
• Reporting on the status of information security to senior management.

A Successful 'Manager, Information Security' Should Have

• A degree in Computer Science, Information Security, or a related field.
• Proven experience in a managerial role within the field of information security.
• Familiarity with information security regulations and standards in the financial services industry.
• Exceptional leadership and communication skills.
• The ability to handle sensitive information with discretion and integrity.

• A competitive salary in the range of HKD 648,000 - HKD 792,000 per annum.
• Standard benefits package.
• The chance to work in a fast-paced, technology-driven environment within the financial services industry.
• Opportunities for career progression and professional development.
• A supportive and collaborative company culture.

We encourage all candidates who believe they can fulfill these responsibilities and possess the necessary qualifications and skills to apply. This is a fantastic opportunity to join a leading financial organization in Hong Kong and make a significant impact in the field of Information Security.

Contact: Alexis Wee

Quote job ref: JN-052025-6742617

• Mid-Senior level

• Full-time

• Information Technology and Engineering

• Financial Services, Accounting, and Banking

4 days ago Be among the first 25 applicants

We are seeking a diligent and proactive Information Security Officer to oversee and maintain the operational integrity, security, and compliance of our secured room facilities. This role is critical in supporting ongoing monitoring, access control, and administrative processes to ensure the highest standards of safety and regulatory compliance are met.

Your Role

• Conduct monthly inspection of access logs and CCTV reviews to ensure adherence to security protocols.
• Manage user access applications on a bi-weekly or ad hoc basis, in line with corporate access governance procedures.
• Complete and maintain a monthly secured room checklist, covering physical and operational controls.
• Perform monthly access inventory assessments, including user recertification activities. • Address administrative and technical issues such as network or hardware incidents on an ad hoc basis.
• Coordinate monitoring and inspection of the Foshan secured room (monthly and as needed).
• Perform daily monitoring of security guard performance and escalate concerns when appropriate.
• Assist in implementing security control enhancements such as mobile device management (MDM), two-factor authentication (2FA), and ID verification improvements

To Succeed in this Role

• Bachelor’s degree in Information Security, Computer Science, Information Technology, or a related field.
• Minimum of 3 years of experience in information security, risk management, or a related role.
• Knowledge of network security principles and incident response procedures.
• Excellent analytical skills with the ability to assess security risks and implement effective mitigation strategies.
• Strong problem-solving abilities to address technical and administrative issues as they arise.
• Effective verbal and written communication skills to convey security policies and procedures clearly to stakeholders.

• Seniority level Mid-Senior level

• Employment type Contract

• Job function Information Technology
• Industries Software Development, Information Services, and Technology, Information and Media

Referrals increase your chances of interviewing at PCCW by 2x

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

Join to apply for the Information Security Manager role at Michael Page .

1 day ago Be among the first 25 applicants.

Our client is a well-established organization within the financial services sector. With a large workforce and a solid market presence in Hong Kong, they are committed to maintaining high standards in technology and information security.

As a 'Manager, Information Security,' your main responsibilities will include:

• Overseeing the implementation and maintenance of the bank's information security systems.
• Conducting regular audits and risk assessments to ensure adherence to security protocols.
• Developing and implementing information security policies and procedures.
• Training and mentoring staff on information security best practices.
• Conducting cybersecurity assessments, including penetration testing and infrastructure/web application reviews.
• Managing and maintaining security systems such as firewalls, NAC, IPS, and SIEM.
• Leading and coordinating information security projects across departments.
• Managing incident responses and investigations into security breaches.
• Staying updated on the latest trends and developments in information security.
• Reporting on the status of information security to senior management.

A Successful 'Manager, Information Security' Should Have

• A degree in Computer Science, Information Security, or a related field.
• Proven experience in a managerial role within the field of information security.
• Familiarity with information security regulations and standards in the financial services industry.
• Exceptional leadership and communication skills.
• The ability to handle sensitive information with discretion and integrity.

• A competitive salary in the range of HKD 648,000 - HKD 792,000 per annum.
• Standard benefits package.
• The chance to work in a fast-paced, technology-driven environment within the financial services industry.
• Opportunities for career progression and professional development.
• A supportive and collaborative company culture.

We encourage all candidates who believe they can fulfill these responsibilities and possess the necessary qualifications and skills to apply. This is a fantastic opportunity to join a leading financial organization in Hong Kong and make a significant impact in the field of Information Security.

Contact: Alexis Wee

Quote job ref: JN-052025-6742617

• Mid-Senior level

• Full-time

• Information Technology and Engineering

• Financial Services, Accounting, and Banking