Job Responsibilities:

• Develop requirements and evaluate information security solutions and technologies, including conduct proof-of-concept (POC) test

• Provide security engineering documents and operational run books to handover security product support to security operation

• Assist application development from a security perspective throughout the SDLC including secure coding, use of secure application components and libraries, security / penetration testing etc.

• Provide Level 2 / 3 cyber security support

Job Requirements:

• A Bachelor degree or higher in Information Technology disciplines or equivalent
• Minimum 2 years working experience in IT

• Have a good knowledge of OWASP Top 10, application vulnerability and DevSecOps and be able to use DAST / SAST and code scanning tools

• Have a good knowledge of common infrastructure like Active Directory, DNS, Microsoft365 including cloud platforms on Azure, AWS etc.

• Relevant security certifications are an advantage (e.g. CISSP, CISA, OSCP, GPEN & GWAPT etc)

• Strong technical knowledge of Security technologies like, SIEM, Privileged Identity and Access Management (PIAM), Penetration test, Antivirus, Data Loss Prevention, Secure Web Proxy, Email security

• Knowledge in programming skills using UNIX shell script, Python, PowerShell, VBScript, Java

• Excellent command of verbal and written English
• Able to work under pressure

Applicants who do not hear from us within 6 weeks may consider their applications unsuccessful. Personal data provided will only be used for the purpose of employment application to HKEX.