- Develop requirements and evaluate information security solutions and technologies, including conduct proof-of-concept (POC) test
- Provide security engineering documents and operational run books to handover security product support to security operation
- Assist application development from a security perspective throughout the SDLC including secure coding, use of secure application components and libraries, security / penetration testing etc.
- Provide Level 2 / 3 cyber security support
- A Bachelor degree or higher in Information Technology disciplines or equivalent
- Minimum 2 years working experience in IT
- Have a good knowledge of OWASP Top 10, application vulnerability and DevSecOps and be able to use DAST / SAST and code scanning tools
- Have a good knowledge of common infrastructure like Active Directory, DNS, Microsoft365 including cloud platforms on Azure, AWS etc.
- Relevant security certifications are an advantage (e.g. CISSP, CISA, OSCP, GPEN & GWAPT etc)
- Strong technical knowledge of Security technologies like, SIEM, Privileged Identity and Access Management (PIAM), Penetration test, Antivirus, Data Loss Prevention, Secure Web Proxy, Email security
- Knowledge in programming skills using UNIX shell script, Python, PowerShell, VBScript, Java
- Excellent command of verbal and written English
- Able to work under pressure
Applicants who do not hear from us within 6 weeks may consider their applications unsuccessful. Personal data provided will only be used for the purpose of employment application to HKEX.