Assistant Vice President - Application Security & Security Engineering - IT - 12 months contract

Company Introduction:

We're home to Asia's most dynamic and vibrant capital markets.
Connecting capital, ideas, inspiration and innovation for deeper, more diverse and liquid global capital markets; providing greater choice and opportunity for our customers, each and every day.

HKEX is a purpose-driven company. Our commitment to the long-term development of our business and our markets is articulated in our purpose: "To Connect, Promote and Progress our Markets and the Communities they support for the prosperity of all."

Job Summary:
The AVP - Application Security & Security Engineering Specialist will be responsible for driving the design and deploy of security architecture and functions for new application projects, with a strong focus on application security and secure engineering practices. This role will lead the design, integration, and implementation of security controls across both infrastructure and application layers of the new clearing service platform. The successful candidate will collaborate closely with platform engineering, application development, and cybersecurity teams to ensure that security is embedded throughout the software development lifecycle and aligns with enterprise architecture standards.

Job Duties:

Job Responsibilities:

• Lead the application security and engineering efforts for application projects, ensuring secure design, development, and deployment practices.
• Drive the integration of existing security tools with the new clearing service platform, ensuring compatibility, scalability, and compliance.
• Architect and implement integration patterns across Cloud Security, Identity & Access Management, Network & Application Security, Data Protection, Vulnerability Management, Code scanning tools, Threat Detection & Response, EndPoint Security.
• Collaborate with infrastructure and cloud teams to embed security controls across hybrid environments.
• Develop and maintain integration documentation, including architecture diagrams, data flow mappings, and operational procedures.
• Oversee implementation and testing of security tool integrations, including disaster recovery validation and performance tuning.
• Provide technical leadership and guidance on security tool capabilities, limitations, and optimization strategies.
• Ensure integrated tools support incident detection, response, and compliance reporting.
• Drive automation of integration workflows and repeatable tasks using scripting or orchestration platforms.
• Manage vendor relationships and coordinate with product teams for tool enhancements and troubleshooting.
• Support BAU operations including rule management, policy updates, and change requests for integrated tools.
• Define and setup monitoring and reporting on tool performance, integration health, and security effectiveness.

Job Requirements:

• Proven experience in application security and secure engineering within large-scale platforms.
• Strong understanding of security technologies including:
  • Identity & Access Management (CyberArk, SailPoint)
  • Network & Application Security (F5 ASM, Palo Alto IPS, Akamai, Cloudflare)
  • Data Protection (Forcepoint, Microsoft 365 MIP)
  • Vulnerability Management (Tenable and container scanning tools)
  • Code scanning tools / CICD - (Fortify, SonarCube, Acunetix)
  • Threat Detection & Response (Xsoar, Splunk, ArcSight, Darktrace, Xpanse)
  • Cloud Security (Cloud Security Posture Management / Cloudguard)
  • Endpoint and Ant-malware Security (Microsoft Defender, Carbon Black, Symantec SPE)
• Experience with cloud platforms (HCS, AliCloud, AWS) and hybrid security architecture.
• Familiarity with scripting and automation tools (e.g., Python, PowerShell).
• Strong project management and stakeholder engagement skills.
• Excellent communication skills, with ability to present to senior management.
• Bachelor's degree in Computer Science, Information Security, or related field; advanced certifications (e.g., CISSP, CISM, AWS/Azure Security) are a plus.

HKEX is committed as an Equal Opportunity Employer. Diversity is one of our core values and we look to support, respect diverse perspectives, abilities, culture and experiences within our workplace.

Location:
HKEX - TKO

Shift:
Standard - 40 Hours (Hong Kong SAR)

Scheduled Weekly Hours:
40

Worker Type:
Contract