Cybersecurity Lead

OSL
Full-time
On-site
Hong Kong

About the Role:

We are seeking a highly skilled and motivated Security Operations Leader to join our growing team in Hong Kong. As the team is currently small and expanding, this role will have a broad scope and require you to wear multiple hats across various areas of security. You will play a critical role in safeguarding our organization’s assets, infrastructure, and people while helping to develop and scale our security operations.

This is an exciting opportunity for someone who thrives in a dynamic environment, enjoys building processes from the ground up, and wants to contribute to the development of a high-performing security team.

Key Responsibilities:

Security Operations

  • Oversee day-to-day operations of the Security Operations Center (SOC), including monitoring, detection, and response to security incidents.
  • Develop, implement, and maintain incident response plans, ensuring timely resolution of security incidents.
  • Manage security tools and technologies such as SIEM, endpoint detection, vulnerability scanners, and firewalls.
  • Perform threat analysis and provide recommendations to mitigate risks.
  • Ensure compliance with internal security policies and external regulatory requirements.

Team Building and Leadership

  • Act as the primary security lead, working closely with other teams until the security team is fully staffed.
  • Train and mentor junior team members as the team grows.
  • Collaborate with cross-functional teams, including IT, engineering, and compliance, to ensure alignment on security practices.

Risk Management and Governance

  • Conduct regular risk assessments and audits to identify vulnerabilities and recommend solutions.
  • Develop and enforce security policies, standards, and procedures.
  • Maintain up-to-date documentation of security processes and incidents.

Project Management and Strategy

  • Lead security-related projects, such as implementing new tools, infrastructure upgrades, and compliance initiatives.
  • Contribute to the development of a long-term security strategy, aligning with business goals.
  • Identify opportunities to enhance automation and efficiency in security operations.

Other Areas of Security

  • Support physical security, access control, and facilities security as needed.
  • Assist with security awareness training programs for employees.
  • Provide input and support for data privacy and compliance initiatives (e.g., GDPR, ISO 27001).

  • Bachelor's degree in Computer Science, Information Security, or a related field; equivalent experience considered.
  • 10+ years of experience in security operations, incident response, or a similar role.
  • Hands-on experience with security tools such as SIEM (Splunk, QRadar, etc.), EDR, and vulnerability management platforms.
  • Strong understanding of cybersecurity best practices, frameworks (e.g., NIST, ISO 27001), and regulatory requirements.
  • Excellent problem-solving skills with the ability to think critically under pressure.
  • Strong communication skills in both written and verbal English; Cantonese/Mandarin proficiency is a plus.
  • Relevant certifications such as CISSP, CISM, or CEH.
  • Experience in cloud security (AWS, Azure, or GCP).
  • Knowledge of DevSecOps practices and secure software development methodologies.
  • Familiarity with physical security systems and processes.