Major Responsibilities

Oversee and track the organization’s cyber security posture
Conduct resilience assessments for new initiatives and ongoing processes
Provide support in managing daily operations of the Security Operations Center (SOC)
Coordinate with internal and external auditors on resilience evaluations and intelligence‑driven attack simulation exercises
Contribute to maintaining and executing the cyber resilience program plan, monitor progress, and prepare regular status updates
Support the development of inputs for risk metrics reporting
Carry out additional responsibilities as directed by senior management

Requirements

Holds a university qualification in IT, information security, computer science, or a related discipline
At least 3 years of professional experience in technology risk and information security
Familiar with ISO27001 and HKMA guidelines on technology risk and cyber security (e.g., C‑RAF 2.0)
Strong analytical and problem‑solving abilities
Collaborative team player with effective interpersonal and communication skills
Possession of certifications such as CISA, CISM, CRISC, CISSP, or similar credentials is highly desirable
Practical experience with security assessment tools like Burp, Acunetix, or Metasploit is advantageous
Applicants with greater experience may be considered for the Senior Specialist (Cyber Resilience) role

‍