IT Security Engineer

Your new company

Our client is a leading Hong Kong-based construction and engineering group delivering large-scale infrastructure, power, and building projects across the region.

Your new role
We are seeking a Cybersecurity Engineer to oversee and enhance the security of enterprise IT environments, safeguarding systems, networks, and data against evolving cyber risks. This position plays a key role in strengthening security operations across on-premises, cloud, and hybrid infrastructures, supporting both internal platforms and client-facing environments.
The role covers security architecture, threat detection, vulnerability mitigation, and secure system operations, working closely with infrastructure, application, and project teams.

Key Responsibilities

• Architect, deploy, and support security platforms including firewalls, VPN solutions, endpoint security, IDS/IPS, SIEM, and data protection tools, ensuring robust defence-in-depth controls
• Continuously monitor security events, system alerts, and network activity, performing investigation and response to incidents or anomalies
• Carry out security assessments, vulnerability scans, and penetration testing exercises, translating findings into actionable remediation plans
• Participate in risk reviews, compliance assessments, and security audits, preparing technical documentation and improvement recommendations
• Implement and maintain security controls across cloud platforms, AI computing environments, and on-prem enterprise networks
• Develop, apply, and enforce system hardening standards for Windows, Linux, and network devices
• Partner with application and infrastructure teams to ensure secure design and deployment of new systems and integrations
• Provide cybersecurity support for remote offices, construction sites, and temporary network deployments, ensuring secure connectivity
• Maintain awareness of emerging threats, attack vectors, and regulatory developments, proactively recommending enhancements
• Produce security documentation, audit materials, incident reports, and compliance artefacts as required

What you'll need to succeed

• Higher Diploma or above in Information Security, Computer Science, IT, or a related discipline
• 3-5 years of experience in cybersecurity, infrastructure, system administration, or network engineering
• Strong understanding of networking fundamentals, firewall technologies, VPNs, IDS/IPS, and endpoint protection
• Hands-on experience with security and monitoring tools.
• Practical exposure to Windows and Linux (Ubuntu) environments, including hardening and secure configuration
• Working knowledge of security frameworks and standards
• Strong analytical and troubleshooting mindset with the ability to respond effectively to incidents
• Security certifications are an advantage
• Proficient in English and Chinese, with fluency in Cantonese and Putonghua
• Comfortable coordinating with internal stakeholders and external vendors, including counterparts in Mainland China

What you need to do now

If you're interested in this role, click 'apply now' or contact Farrah Tang at 5741 7795. You may also share your updated CV via [email protected].