Responsibilities
• Identify critical vulnerabilities, emerging threats, and potential attack vectors across systems, applications, and infrastructure.
• Develop and implement targeted controls, remediation measures, and defensive strategies to reduce or eliminate identified security risks.
• Oversee day-to-day security monitoring, drive effective incident detection and response processes, and continuously enhance operational maturity and procedures.
• Maintain and evolve a robust set of security controls; evaluate, select, and deploy advanced security solutions to address evolving cyber threats and protect the organisation.
• Provide security governance across projects, awareness, policies, and vendors.
Skills Required
• Hold a university degree in Computer Science, Information Engineering, or a closely related field, complemented by relevant professional certifications such as CISP, CISSP (or equivalent).
• Possess a minimum of 8 years of hands-on experience in information security domains, with at least 6 years of relevant professional exposure - ideally gained within the banking or financial services sector.
• Demonstrate strong practical knowledge and operational/audit experience with key security technologies and platforms, including Hillstone, Huawei, H3C, QingTeng Cloud, Sangfor, Nutanix, Cisco, Fortinet, RedHat, and CentOS systems or equipment.
• Maintain thorough familiarity with Hong Kong's evolving cybersecurity regulatory landscape, including recent SFC and HKMA initiatives on cyber resilience, digital fraud prevention, C-RAF, iCAST, and broader IT industry standards and best practices.
• Be proficient in Chinese and English.