Responsibilities:
Assist in implementing security tools and configurations
Monitor alerts from security systems and escalate issues to engineers
Support internal and external audits (e.g., SOC 2, PCI DSS, ISO 27001, GDPR) such as preparing audit documentations, evidence repositories etc.
Participate in incident response tasks under supervision
Stay updated on evolving fintech regulations, cloud security best practices (e.g., CSA CCM, NIST CSF), and threats to advise on proactive compliance enhancements.
Collaborate with cloud engineering, DevOps, and compliance teams to implement and document remedial actions for audit findings, ensuring timely closure and improved audit evidence quality
Qualifications:
Degree in Cybersecurity, Computer Science, Information Technology or related field
2 to 3 years of hands-on experience in cybersecurity, infrastructure security, or security engineering
Knowledge of Windows and Linux system administration, networking (TCP/IP, firewalls, VPN), and core security concepts
Knowledge of basic compliance standards (ISO, NIST, PDPO, HKSFC VATP)
Certifications such as CISSP, CISM, CCSP, CISA, CRISC, or AWS/Azure Security Specialty is an advantage
Knowledge of basic cybersecurity concepts, principles
Good in spoken and written English and Cantonese (Mandarin is an advantage)
Good communication skills – able to explain complex technical topics to technical and non-technical audiences
Full-time