What Jobs are available for Vp Security in Hong Kong?

Ref: AVPIS/IT/ DB/95

Responsibilities

• Responsible for planning, designing, implementation and maintenance of IT security infrastructure, system and network
• Review IT initiatives on technology risk perspective, establish and implement remediation security controls
• Work with 'Information Security Officer' on residual risk, vulnerabilities and other security exposures, including misuse of information assets and non-compliance
• Assist in the development of security architecture, policies, standards and related processes
• Manage all aspects of outsourced SOC, coordinate and implement the technical solution for BCP
• Perform other duties as assigned by superior

Requirements

• Degree holder in Computer Science, Computer Engineering, Information Technology, system security or related disciplines
• Minimum 5 years' relevant experience preferably from financial institutions
• Holder of CCSP, SSCP, CCNA, CCNP and with CISSP preferable
• Hands-on experience in firewall, antivirus software and Anti-DDOS administration
• Sound knowledge and experience in IT security and compliance preferable
• Good communication & interpersonal skill., independent and strong self-initiative
• Good command of written and spoken English, with fluency in Putonghua an advantage

We are an equal opportunity employer and welcome applications from all qualified candidates. All applications will be treated in the strictest confidence. Personal data provided will be used for recruitment purposes only. The job applicant will assume all or any risks arising out of or in connection with the job application transmission process prior to our actual receipt of the same including but not limited to accidental or unauthorized loss or disclosure of personal information, to which we will not be responsible in any way.

Under the Personal Data (Privacy) Ordinance, you may request access to, and / or correction of your personal data in relation to your application. If you wish to do so, please email to us.

Company Overview

Everbright Securities International

At Everbright Securities International, we serve with professional integrity. More than a claim, this describes the way we do business. As an international business platform of Everbright Securities Company Limited (SSE: , HKEX: 6178), our Company is engaged in five key businesses: Wealth Management, Corporate Finance & Capital Markets, Institutional Business, Asset Management, and Investment & Financing, serving individuals, corporations and institutions in Hong Kong, Macau and Mainland China.

Operating under the "Everbright Securities International" brand and business brand "EBSI Wealth", complemented with service brands namely "EBSI Private", "EBSI Direct" and "EBSI Forex", our Company is a full-fledged financial platform providing excellent global financial products and services.

Our all-rounded product and service suite, and our solid track record of delivering a steady return on equity while being committed to staff development, present enormous prospects for talents.

For more information about China Everbright Securities International Company Limited, please visit 

Benefits

• Five-day work week, Marriage Leave, Study and Examination Leave, Compassionate Leave, Festival Eve Early Release Arrangement,
• Dental insurance, Life insurance, Medical insurance,
• Discretionary bonus, Training / examination Sponsorship

About Eddid Financial

Anchored in Hong Kong, Eddid Financial is an all-encompassing financial group centered around fintech and dedicated to integrating cutting-edge artificial intelligence technologies and other latest technologies into its enterprise DNA.  The diversified businesses of Eddid Financial range from retail to institutional and include but are not limited to fintech, internet finance, wealth management, asset management, investment banking, and virtual assets. Eddid Financial is committed to providing one-stop financial services and products to customers through high-quality investment solutions.

Members of the Group hold a variety of licenses and memberships across key financial markets. These include Hong Kong Securities and Futures Commission (SFC) regulated activities ("RA") licenses for types 1, 2, 3, 4, 5, 6, and 9; SEHK and HKCC participant (OTP-C broker number: 0974 and 0977), Insurance Broker Company license; Trust or Company Service Provider License in Hong Kong. Additionally, our fully owned subsidiary, Eddid Securities USA Inc., maintains approved membership with the Financial Industry Regulatory Authority (FINRA), the National Futures Association (NFA), and the Securities Investor Protection Corporation (SIPC), and is a registered broker dealer with the U.S. Securities and Exchange Commission (SEC) and the Commodity Futures Trading Commission (CFTC) in the United States.

With a view to catching up with our rapid expansion, we are sincerely hiring talents to join our Group.

Key elements of the job:

• Work with development and infrastructure teams to identify and enhance IT security control
• Perform regular checking to ensure the compliance with Financial Industrial IT security standard and regulatory requirements
• Participate in security / controls gap analysis to define and implement necessary solutions for compliance purpose
• Support audit engagement and response to the inquiries from regulator and auditor
• Monitor the resolution of audit findings as well as ensure agreed action plans are completed
• Work with Operational Risk, Internal Audit and Compliance Team to analyze new regulatory requirements and work with business units to define and implement necessary processes and technology solutions for compliance purpose
• Promote IT security awareness and apply IT security practice, able to demonstrate adherence to internal control

The ideal candidate:

• University graduate in Computer Science or related disciplines.
• Holder of relevant industry recognized security certifications e.g. CISSP, CISA, CISM, CRISC, CEH,
• Minimum 3-5 years' information security experience in  financial institution
• Sound knowledge of regulatory requirements and strong understanding of financial industry
• Strong knowledge of network security, data security and application security
• Knowledge on IT security tools such as Privileges ID Management, Network Security Monitoring, End Point Protection, Security Incident Event Management System and Data Loss Prevention System are desirable
• Proactive, detail-oriented, and strong problem-solving skills with the ability to work independently and as part of a team
• Strong organizational skills and ability to manage multiple demands and changing priorities
• Good command of spoken and written English and Chinese, including Putonghua

Please email your detailed resume with current and expected salary and availability by clicking "Apply Now". Should you find the qualified candidate, we will contact you shortly for more.

All information provided will be treated in strict confidence and used solely for recruitment purposes.

Responsibilities

• Manage network team and information security team
• Develop and implement comprehensive security policies, procedures, and standards to protect the organization's IT infrastructure and data assets
• Perform security audits and vulnerability assessments, and implement remediation measures to address identified security risks
• Work closely with vendors, service providers and IT staff on security incidents to perform incident handling and provide remedial actions
• Develop and maintain incident response and disaster recovery plans / IT business continuity plan for business sustainability for cyber-attacks and incidents
• Act as the single point of contact for all IT security and audit issues
• Ad-hoc task or project assigned by management

Requirements

• Degree holder in Computer Science, Information Technology or relevant discipline
• With professional certifications such as CCNA, CISSP, CISM or GIAC
• Minimum 5 years' relevant experience in network and information security management for financial institutions
• Solid experience in information security and technology risk management
• Good technical understanding in various operating systems, servers and networking equipment
• Familiar with broad of IT technologies, security protocols, data security, cyber security, cloud security and data protection standards.
• Excellent analytical skills and strong interpersonal and communication skills
• Good command of both written and spoken English and Chinese. Fluency in Putonghua an advantage

We offer a competitive remuneration package to the right candidate. If you are interested in the post, please send your resume together with your present and expected salaries by clicking "Apply Now".

We are an equal opportunity employer and welcome applications from all qualified candidates. All applications will be treated in the strictest confidence. Personal data provided will be used for recruitment purposes only. The job applicant will assume all or any risks arising out of or in connection with the job application transmission process prior to our actual receipt of the same including but not limited to accidental or unauthorized loss or disclosure of personal information, to which we will not be responsible in any way.

Under the Personal Data (Privacy) Ordinance, you may request access to, and / or correction of your personal data in relation to your application. If you wish to do so, please email to us.

Company Overview

Everbright Securities International

At Everbright Securities International, we serve with professional integrity. More than a claim, this describes the way we do business. As an international business platform of Everbright Securities Company Limited (SSE: , HKEX: 6178), our Company is engaged in five key businesses: Wealth Management, Corporate Finance & Capital Markets, Institutional Business, Asset Management, and Investment & Financing, serving individuals, corporations and institutions in Hong Kong, Macau and Mainland China.

Operating under the "Everbright Securities International" brand and business brand "EBSI Wealth", complemented with service brands namely "EBSI Private", "EBSI Direct" and "EBSI Forex", our Company is a full-fledged financial platform providing excellent global financial products and services.

Our all-rounded product and service suite, and our solid track record of delivering a steady return on equity while being committed to staff development, present enormous prospects for talents.

For more information about China Everbright Securities International Company Limited, please visit 

Benefits

• Five-day work week, Marriage Leave, Study and Examination Leave, Compassionate Leave, Festival Eve Early Release Arrangement
• Dental insurance, Life insurance, Medical insurance
• Discretionary bonus, Training / examination Sponsorship

About Us
We're the world's leading provider of secure financial messaging services, headquartered in Belgium. We are the way the world moves value – across borders, through cities and overseas. No other organisation can address the scale, precision, pace and trust that this demands, and we're proud to support the global economy.

We're unique too. We were established to find a better way for the global financial community to move value – a reliable, safe and secure approach that the community can trust, completely. We're always striving to be better and are constantly evolving in an ever-changing landscape, without undermining that trust. Five decades on, our vibrant community reflects the complexity and diversity of the financial ecosystem. We innovate diligently, test exhaustively, then implement fast. In a connected and exciting era, our mission has never been more relevant. Swift now has a presence in 200+ countries and legal territories to serve a community of more than 12,000 banks and financial institutions.

Are you an experienced cyber security professional ready to dive deeper into the realm of Incident Response? Do challenging and complex investigations spanning thousands of systems sound exciting?

Then you have found the right position You will be working with a group of talented cyber security specialists, supporting the world's leading provider of secure financial messaging services. In this position your effort and expertise are highly valued and critical to the global financial market. By joining the APAC team and you will also have the opportunity to contribute to cutting-edge security initiatives at the very forefront of technology.

What To Expect

• Conduct Daily Operational Security Monitoring
• Lead complex depth Security Investigations
• Contribute to industry-leading security initiatives
• Perform Threat Hunting and Threat Intelligence activities
• Create, Update and Maintain security process documentation
• Collaborate with security teams to improve Swift's security posture

What Will Make You Successful

• Bachelor's degree in Computer Science, Engineering or other related field
• 5+ years of experience in a Cyber Security domain, preferably Incident Response
• In-depth understanding of Computer Networks, Windows and Linux OS
• Fluency in English – written and oral
• Willingness to work weekend shifts
• Professional Certifications such as GCIH, GCFA, CISSP, OSCP or others

Swift for you

• Provide extensive training opportunities such as SANS and soft-skill trainings
• Competitive package and excellent work-life balance
• We put you in control of your career
• We give you a competitive package
• We help you perform at your best
• We help you make a difference
• We give you the freedom to be yourself

We give you the freedom to be yourself. We are creating an environment of unique individuals—like you—with different perspectives on the financial industry and the world. A diverse and inclusive environment in which everyone's voice counts and where you can reach your full potential.

If you believe you require a reasonable accommodation to participate in the job application or interview process, please contact us to request accommodation.

Don't meet every single requirement? At Swift, we are dedicated to building a workplace where people can bring their full selves and ideas to the team, so if you are excited about this role, we encourage you to apply even if you do not meet every single qualification.

What We Offer
We put you in control of career

We give you a competitive package

We help you perform at your best

We help you make a difference

We give you the freedom to be yourself

We give you the freedom to be yourself. We are creating an environment of unique individuals – like you – with different perspectives on the financial industry and the world. A diverse and inclusive environment in which everyone's voice counts and where you can reach your full potential.
If you believe you require a reasonable accommodation to participate in the job application or interview process, please contact us to request accommodation.
Don't meet every single requirement? At Swift, we are dedicated to building a workplace where people can bring their full selves and ideas to the team, so if you are excited about this role, we encourage you to apply even if you do not meet every single qualification.

Company Introduction:

We're home to Asia's most dynamic and vibrant capital markets.

Connecting capital, ideas, inspiration and innovation for deeper, more diverse and liquid global capital markets; providing greater choice and opportunity for our customers, each and every day.

HKEX is a purpose-driven company. Our commitment to the long-term development of our business and our markets is articulated in our purpose: "To Connect, Promote and Progress our Markets and the Communities they support for the prosperity of all."

Job Summary:

The AVP – Application Security & Security Engineering Specialist will be responsible for driving the design and deploy of security architecture and functions for new application projects, with a strong focus on application security and secure engineering practices. This role will lead the design, integration, and implementation of security controls across both infrastructure and application layers of the new clearing service platform. The successful candidate will collaborate closely with platform engineering, application development, and cybersecurity teams to ensure that security is embedded throughout the software development lifecycle and aligns with enterprise architecture standards.

Job Duties:

Job Responsibilities:

• Lead the application security and engineering efforts for application projects, ensuring secure design, development, and deployment practices.
• Drive the integration of existing security tools with the new clearing service platform, ensuring compatibility, scalability, and compliance.
• Architect and implement integration patterns across Cloud Security, Identity & Access Management, Network & Application Security, Data Protection, Vulnerability Management, Code scanning tools, Threat Detection & Response, EndPoint Security.
• Collaborate with infrastructure and cloud teams to embed security controls across hybrid environments.
• Develop and maintain integration documentation, including architecture diagrams, data flow mappings, and operational procedures.
• Oversee implementation and testing of security tool integrations, including disaster recovery validation and performance tuning.
• Provide technical leadership and guidance on security tool capabilities, limitations, and optimization strategies.
• Ensure integrated tools support incident detection, response, and compliance reporting.
• Drive automation of integration workflows and repeatable tasks using scripting or orchestration platforms.
• Manage vendor relationships and coordinate with product teams for tool enhancements and troubleshooting.
• Support BAU operations including rule management, policy updates, and change requests for integrated tools.
• Define and setup monitoring and reporting on tool performance, integration health, and security effectiveness.

Job Requirements:

• Proven experience in application security and secure engineering within large-scale platforms.
• Strong understanding of security technologies including:
• Identity & Access Management (CyberArk, SailPoint)
• Network & Application Security (F5 ASM, Palo Alto IPS, Akamai, Cloudflare)
• Data Protection (Forcepoint, Microsoft 365 MIP)
• Vulnerability Management (Tenable and container scanning tools)
• Code scanning tools / CICD - (Fortify, SonarCube, Acunetix)
• Threat Detection & Response (Xsoar, Splunk, ArcSight, Darktrace, Xpanse)
• Cloud Security (Cloud Security Posture Management / Cloudguard)
• Endpoint and Ant-malware Security (Microsoft Defender, Carbon Black, Symantec SPE)
• Experience with cloud platforms (HCS, AliCloud, AWS) and hybrid security architecture.
• Familiarity with scripting and automation tools (e.g., Python, PowerShell).
• Strong project management and stakeholder engagement skills.
• Excellent communication skills, with ability to present to senior management.
• Bachelor's degree in Computer Science, Information Security, or related field; advanced certifications (e.g., CISSP, CISM, AWS/Azure Security) are a plus.

HKEX is committed as an Equal Opportunity Employer. Diversity is one of our core values and we look to support, respect diverse perspectives, abilities, culture and experiences within our workplace.

Location:

HKEX - TKO

Shift:

Standard - 40 Hours (Hong Kong SAR)

Scheduled Weekly Hours:

40

Worker Type:

Contract

Natixis Corporate & Investment Banking is a leading global financial institution that provides advisory, investment banking, financing, corporate banking and capital markets services to corporations, financial institutions, financial sponsors and sovereign and supranational organizations worldwide.

Our teams of experts in close to 30 countries advise clients on their strategic development, helping them to grow and transform their businesses, and maximize their positive impact. Natixis CIB is committed to aligning its financing portfolio with a carbon neutrality path by 2050 while helping its clients reduce the environmental impact of their business.

As part of Groupe BPCE, the second largest banking group in France through the Banque Populaire and Caisse d'Epargne retail networks, Natixis CIB benefits from the Group's financial strength and solid financial ratings (Standard & Poor's: A+, Moody's: A1, Fitch Ratings: A+, R&I: A+).

Position Summary

Part of the IT Security team based in Singapore, he provides Security Expertise on Network Security. He/She will be fully part of the Global Network Security team in charge

His domain of expertise is Firewall, Micro segmentation, Internet proxy, WAF and network security monitoring.

Main Responsibilities:

Implement Firewall filtering
:

• Validate and apply firewall requests.
• Configure filtering software solutions on IPS, WAF and Proxy
• Improve filtering policy to detect and block intrusions.
• Configure the network security events monitoring.
• Follow security alerts

Configure filtering software solution, WAF, Proxy

• Day to day current Network security operations, create, handle tickets (ServiceSnow/Secops).
• Improve filtering policy to detect and block intrusions.
• Configure the network security events monitoring.
• Follow security alerts

Design Security Architecture
:

• Assess existing architectures
• Study and propose the new security solutions
• Check and validate the architectures proposed by other IT teams.
• Advise other IT teams in your domain of expertise.

Vulnerability Management
:

• Vulnerability assessment and follow-up from the detection to the remediation.
• Configure Qualys and run the vulnerability scans.

Required Skills:

• At least 5 years experiences in Network security
• Demonstrate autonomy, responsiveness, readiness, discretion, rigorous and well organized
• Ability to design and implement innovative solutions.
• Work and cooperate with team members in Europe and Asia (knowledge sharing, technical collaboration and mutual assistance)

Natixis Corporate & Investment Banking is a leading global financial institution that provides advisory, investment banking, financing, corporate banking and capital markets services to corporations, financial institutions, financial sponsors and sovereign and supranational organizations worldwide.

Our teams of experts in close to 30 countries advise clients on their strategic development, helping them to grow and transform their businesses, and maximize their positive impact. Natixis CIB is committed to aligning its financing portfolio with a carbon neutrality path by 2050 while helping its clients reduce the environmental impact of their business.

As part of Groupe BPCE, the second largest banking group in France through the Banque Populaire and Caisse d'Epargne retail networks, Natixis CIB benefits from the Group's financial strength and solid financial ratings (Standard & Poor's: A+, Moody's: A1, Fitch Ratings: A+, R&I: A+).

Position Summary

Part of the IT Security team based in Singapore, he provides Security Expertise on Network Security. He/She will be fully part of the Global Network Security team in charge

His domain of expertise is Firewall, Micro segmentation, Internet proxy, WAF and network security monitoring.

Main Responsibilities:

Implement Firewall filtering:

• Validate and apply firewall requests.
• Configure filtering software solutions on IPS, WAF and Proxy
• Improve filtering policy to detect and block intrusions.
• Configure the network security events monitoring.
• Follow security alerts

Configure filtering software solution, WAF, Proxy

• Day to day current Network security operations, create, handle tickets (ServiceSnow/Secops).
• Improve filtering policy to detect and block intrusions.
• Configure the network security events monitoring.
• Follow security alerts

Design Security Architecture:

• Assess existing architectures
• Study and propose the new security solutions
• Check and validate the architectures proposed by other IT teams.
• Advise other IT teams in your domain of expertise.

Vulnerability Management:

• Vulnerability assessment and follow-up from the detection to the remediation.
• Configure Qualys and run the vulnerability scans.

Required Skills

• At least 5 years experiences in Network security
• Demonstrate autonomy, responsiveness, readiness, discretion, rigorous and well organized
• Ability to design and implement innovative solutions.
• Work and cooperate with team members in Europe and Asia (knowledge sharing, technical collaboration and mutual assistance).

Cyber Security and IT Governance Cluster is the first line of defense Control Function to ensure that effective cybersecurity controls are in place in addressing the emerging cyber threats. The Cluster consists of Cyber Security Management (CSM), IT Policy and Compliance (ITPC) and Parameter and User Access Management (PUAM). Its function includes but not limited to the establishment and management of the cybersecurity organization, policies framework development, controls architecture, cybersecurity incident management, cybersecurity awareness, third party security, collaboration with external interested parties, cyber threats intelligence, cybersecurity and IT compliance monitoring, audit and compliance assessment coordination, issues remediation management, and parameter and user access management.

The role of the Head of Cyber Security Management holds the management responsibilities to the Cyber Security Management (CSM) and Parameter and User Access Management (PUAM) functions, with the following responsibilities:

• Formulate the overall strategies and goals of Cyber Security Management, establish annual and long-term cybersecurity strategies, programme.
• Develop and manage a framework for evaluating the maturity of the cybersecurity programme and a roadmap for continual improvement.
• Responsible for formulating cybersecurity control requirements, including policies, procedures and standards.
• Develop and adopt a management system to manage cybersecurity holistically and systemically in addressing the stakeholder security governance requirements and the strategic objectives, and to have appropriate management processes and systems in place that to confirm the requirements of the interested parties, such as Regulators, Head Office and Senior Management etc.
• Provide cybersecurity advice and guidance to the Control Owner on the effective design of its control measures.
• Monitor and evaluate the design and effectiveness of relevant control measures, including organizing the formulation of control effectiveness indicators and conducting regular evaluation and inspections.
• Stay abreast of emerging cybersecurity threats, trends and technologies, continuously enhancing the Bank's security postures.
• Manage team performance and support career guidance of a high performing teams the support cybersecurity management, parameter and user access management.
• Adopting management and security governance model to define and allocate roles and responsibilities for the protection of individual assets and for carrying out specific security processes.

• Define the management requirements, scope, roles and responsibilities, management processes and its interfaces for the following control domains under the Cyber Security Management, and Parameter and User Access Management, oversee the delivery of the corresponding services:

• Data Security Technical Control Management,

• Organization of Cyber Security (Including organizational structure, roles and responsibilities),
• Human Awareness Security,
• Policies Framework Management,
• Control Architecture Management,
• Cyber Security Incident Management,
• Threat Intelligence Management,
• Third Party Security Management,
• Secure System Development Management,
• Parameter and User Access Management.
• Provide directions, guidance and oversights to the IT Operations Center and IT Development Center on embedding cybersecurity requirements into its areas of responsibilities and functions; (i.e. Security Operations, including endpoints, network, infrastructure, operations security and Secure Development).
• Develop, manage and analyze the key monitoring indicators (e.g. KCI) to monitor and report the effectiveness of the cyber security controls.
• Present and report cybersecurity postures regularly to senior management and various levels of organization committees.
• Identify and resolve management issues, optimize management processes and operational workflows, to optimize the resources utilization and achieve operational efficiency.
• Responsible for any other responsibilities as directed by the Head of Cyber Security and IT Governance.

REQUIREMENT:

• Degree holder in Cyber Security / Computer Science / Information Technology or related discipline;
• Minimum 10 years or above of relevant experience in Cyber Security Management / Cyber Security Operations / Technology Risk Management or IT Audit, preferably with experience gained from consultancy / banking / finance industry;
• Experience in consultancy preferably Big 4 or IT Auditing is an advantage
• Holder of HKMA ECF-C recognized certifications at professional level is required;
• Customer-oriented, good communication and interpersonal skills;
• Able to work independently and under pressure with tight deadline;
• Strong problem-solving, analytical skills and presentation skills;
• Good command of written and spoken English and Mandarin;
• Possess proven managerial experience is a must;
• Possess forward planning, strategic thinking, problem solving and decision-making skills;
• Strong understanding and application of the best practices of cybersecurity management system methodology;
• Proficiency in preparing management dashboard / reporting deck and reports in Chinese is definitely an advantage

Applicants who are not contacted within 8 weeks may consider their applications unsuccessful and their personal data will be retained by the bank for a period up to two years.

All information provided by applicants will be used for recruitment purposes only and will be used strictly in accordance with the bank's personal data policies, a copy of which will be provided upon request.

• To monitor and maintain physical security and fire system operated in the Banks' premises. Including branches, offsite ATMs and offices
• Assist to manage daily operations of Access Control System, including but not limited access card issue and access report preparation
• Assist to prepare payment application and manage the billing cycle
• To maintain register on security and fire safety system
• To prepare management reports and perform data analysis
• To handle any ad-hoc task assigned by management
• To support the team for operations actvities e.g. Training, safty inspections

• Bachelor Degree
• Sound knowledge on physical security, security system and access control system
• Ability to work independently with strong communication and interpersonal skills
• Ability to provide precise report to Management
• At least 3 years of security operation experience in sizable organization
• Good command of spoken and written English and Chinese, especially in Mandarin