Security Operation Center (SOC) Lead - AVP - Information Security - IT

Hong Kong Exchanges and Clearing Limited - Hong Kong - Full time

Salary: Competitive

Company Introduction:

We're home to Asia's most dynamic and vibrant capital markets.
Connecting capital, ideas, inspiration and innovation for deeper, more diverse and liquid global capital markets; providing greater choice and opportunity for our customers, each and every day.

HKEX is a purpose-driven company. Our commitment to the long-term development of our business and our markets is articulated in our purpose: "To Connect, Promote and Progress our Markets and the Communities they support for the prosperity of all."

Job Summary:
The Information Security organization consists of security strategy, solution architecture, engineering and operations, and security governance functions to drive the delivery of the HKEX security program. This role sits within the Threat Detection and Response function, with responsibility for threat intelligence and the security operations center (SOC).

Job Duties:

The SOC Lead is responsible for managing the day-to-day operations of the Security Operations Centre, ensuring timely detection, analysis, and response to mitigate cyber threats against HKEX. This role involves leading a team of analysts, optimizing SOC processes, and collaborating with other security and IT teams to maintain a robust security posture.

Job Responsibilities:

Leadership:
  • Lead and mentor SOC analysts, fostering a culture of continuous improvement and collaboration.
  • Develop and maintain SOC operational procedures, playbooks, and escalation paths, ensuring 24/7 coverage.
  • Maintain and regularly update the Security Incident Response Plan to ensure readiness and effectiveness during incidents.
  • Collaborate closely with and other Information Security and IT teams.
  • Participate in security audits and risk assessments.
Threat Detection and Incident Response:
  • Oversee monitoring of security alerts and incidents across SIEM, EDR, and other security tools.
  • Coordinate incident response activities, ensuring timely containment and remediation.
  • Perform root cause analysis and recommend preventive measures.
SOC Governance & Optimization:
  • Ensure SOC operations align with regulatory requirements and best practices in the industry.
  • Provide regular reports and insights to senior management on threat trends and SOC performance.
  • Manage the Managed Security Service Provider (MSSP), ensuring adherence to HKEX standards and SLAs. Define and maintain meaningful performance metrics.
  • Leverage threat intelligence to address the evolving cyber threat landscape by continuously fine-tuning HKEX's detective and preventive controls.
  • Drive automation, orchestration, and process enhancements within SOC operations to improve efficiency and reduce response times.
Analytical & Leadership Skills:
  • Strong analytical capabilities with an investigative mindset.
  • Self-motivated, enthusiastic, and able to perform under pressure in high-urgency environments.
Job Requirements
  • Bachelor's degree in Computer Science, Information Technology, or a related discipline, preferably with a focus on Cybersecurity.
  • Minimum of 6+ years of relevant experience in cybersecurity operations, including at least 2 years in leading a team of SOC analysts.
  • Demonstrated experience in managing Managed Security Service Providers (MSSPs) and ensuring SLA compliance.
  • Strong understanding and practical application of MITRE ATT&CK and D3FEND frameworks for threat detection.
  • Strong knowledge of common security technologies such as SIEM, SOAR, EASM, and Threat Intelligence Platforms (TIP).
  • Excellent communication with leadership.
  • Professional qualifications such as OSCP, GCIH, or equivalent are highly preferred.
HKEX is committed to being an Equal Opportunity Employer. Diversity is one of our core values, and we look to support and respect diverse perspectives, abilities, cultures and experiences within our workplace.

Location:
HKEX - TKO

Shift:
Standard - 40 Hours (Hong Kong SAR)

Scheduled Weekly Hours:
40

Worker Type:
Permanent
23651343