HK Express is Hong Kong’s first and only low-cost carrier, always offering great value, affordable fares on one of the youngest and most modern aircraft fleets in the world.

Like you, and just like many people across Asia, we love to travel and discover new places across the world’s most diverse and dynamic region; and at HK Express, we’re opening up new travel experiences that inspire and invigorate millions of people across the region we’re proud to call home.  Everything we do is focused on encouraging the spirit of adventure. Our routes provide the inspiration and spontaneity to try somewhere new, disrupting monotonous modern life. As we continue to open up new routes, often in secondary and emerging destinations, our passengers will gain access to an incredible range of places, exploring hidden gems and experiencing local cultures.

We have a diverse and vibrant team that embodies the adventurous spirit of our customers, and loves to travel too. Join us in this journey to make your career even more fulfilling and rewarding. 

Role Purpose

• Lead a team of cybersecurity professionals to safeguard IT environment.
• Conduct a security risk assessment for every new business application initiative and solutions; Enhance current practices to mitigate cyber risks and establishment of a risk framework;
• Support and define IT security framework to guard against security risk;
• Cross-team collaboration with Security Operations and Security Governance on developing new security testing process to enhance the company’s security assurance level;
• Collaborate with IT and business stakeholders and play a multi-faceted support role to identify any risks or gaps for improvement;
• Provide information security advisory to business units where required, through participation on advisory engagements;
• Regular review and approve security guidelines and procedures to strengthen current security framework;
• Perform threat management, threat modelling, identify threat vectors and develop use cases for security monitoring;
• Responsible in reviewing security incident Reports;
• Formulate and direct incident response efforts, prioritize those response efforts;
• Design and conduct a cyber-attack simulation to evaluate the effectiveness of cyber defences across different technology layers;
• Enhance the company’s cybersecurity maturity and situational awareness;
• Creation of reports, dashboards, metrics for SOC operations and presentation to Senior Management;
• Manage all aspects of outsourced Security Operation Centre;
• Support 7/24 on-call for emergency support.

Qualifications

• Bachelor’s Degree in computer science or IT-related discipline;
• Minimum 8 years’ working experience, with minimum 3 years hands on experience in Information Security, Internal Control or Operations Risk;
• Experience in Security Operations, SOC, SIEM, Incident Response, and Threat Intelligence is preferred;
• Experience in Penetration testing and common vulnerability assessment tools, as well as, using MITRE ATT&CK or similar frameworks;
• Passion for cybersecurity and staying up to date with current threats, tools and techniques;
• Familiar with various IT governance framework CobiT, PCI-DSS, NIST, ISO27001, ISO20000, ITIL respectively;
• Practical experience of technical and security configuration, operation and administration in Windows OS, Active Directory, Intune Policy, Networking, security devices (firewall, NAS, etc.) are essential;
• Knowledge of Cloud environments such as AWS, AliClould, Azure and GCP;
• Possess CISSP, CISA, CISM or other information systems security certifications preferred;
• Ability to communicate about various IT security measures with the non-technical audience;
• Demonstrated ability to prioritize and meet scheduled deliverables and commitments while managing multiple tasks;
• Good command of written and spoken English & Chinese.

Desirable Qualities

• Good analytical and problem solving skills with strong self-motivation
• Proven ability to coach team members
• Excellent communication skills in English and Chinese (Cantonese and mandarin), both written and verbal.
• Able to work under pressure and meet tight work schedule
• Working knowledge and experience with M365
• Flexible, self-starter possessing intellectual curiosity

Your Future Work Life

• Fly anywhere we fly for free with your friends and family to explore the world
• Hybrid working with flexibility in workplace and working hours to foster work-life harmony
• Open office to collaborate, connect and share great ideas
• Energetic and multicultural teammates from up to 50 nationalities!
• Company-organized shuttle buses connecting the workplace with major locations in the HK Island, Kowloon and N.T.