Cyber Security Engineer_5 To 7 years

Job Title: Wealth Management Operational Security Engineer Cloud, Vulnerability, and Application Security

Location:

Joiners:

About the Role

Operational Security Engineer

Key Responsibilities

1. Cloud & Container Security

• Implement and maintain

  secure containerization strategies

  using Docker, Kubernetes, and related orchestration platforms.
• Ensure

  secure image management

  , patching, and compliance across cloud environments.
• Monitor, assess, and harden cloud configurations aligned with organizational security standards.
  

2. Network & System Security

• Design

  secure cloud network architectures

  with proper segmentation and monitoring.
• Enforce

  network and system hardening

  best practices and compliance.
• Implement

  patching, endpoint protection

  , and continuous monitoring frameworks.

3. Threat & Vulnerability Management

• Lead

  vulnerability assessments

  using tools like

  Rapid7 Nexpose, Qualys, Tanium

  .
• Classify, prioritize, and remediate vulnerabilities across IT and production systems.
• Provide management reports on risk exposure, mitigation progress, and SLA adherence.
  

4. Application & DevSecOps Security

• Embed

  Secure SDLC

  practices across development lifecycles.
• Implement

  SAST, DAST, and SCA

  for application security testing.
• Conduct

  threat modeling

  and risk assessments for key Wealth Management applications.

5. Cybersecurity & Incident Handling

• Ensure

  data protection

  and

  incident response

  for DLP, SIEM, and forensic follow-ups.
• Collaborate with

  regional and global security teams

  for event correlation and governance.
• Regularly report on risk treatment, cybersecurity posture, and compliance gaps.
  

6. Compliance & Governance

• Ensure compliance with

  regulatory frameworks

  HKMA, MAS, GDPR, FINMA, and internal Group standards.
• Align controls with

  ISO 27001, NIST, CIS

  , and

  Cloud Security Alliance (CSA)

  benchmarks.
• Drive

  third-party and technology risk assessments

  and policy enforcement.

Skills & Technical Expertise

• Cloud & Container Security (AWS, Docker, Kubernetes)
• Vulnerability Management Tools (Qualys, Rapid7, Tenable, Tanium)
• DevSecOps, Secure SDLC, Threat Modelling
• SIEM, DLP, IAM/PAM Solutions
• Knowledge of Security Frameworks (NIST, ISO27001, CIS, PCI-DSS)
• Regulatory Compliance (APAC / Global Banking)
• Excellent communication and cross-team coordination skills
  

Preferred Qualifications

• Bachelors degree in Computer Science, IT, or equivalent.
• Security certifications:

  CISSP, CISM, CEH, CCSP, or ISO 27001 LA

  (preferred).
• Experience in

  Banking / Financial Services / Wealth Management IT Security

  is an advantage.

Why Join Us?

• Opportunity to work in a

  global Wealth Management environment

  with CISO-level exposure.
• Strong focus on

  innovation, risk governance, and security excellence

  .
• Hybrid work flexibility, diverse technology landscape, and inclusive culture.