About us

VDX is creating a world-leading digital asset platform, committed to bringing regulated, reliable, safe and fair services to global investors and financial institutions. Bridging traditional and digital finance, VDX provides a trusted gateway for brokers, banks, fund managers and family offices to access the digital asset space in a compliant way.

We are seeking a highly skilled and motivated Cyber / Information Security Specialist to join our dynamic team in Hong Kong. In this critical role, you will be responsible for safeguarding our organization's digital assets and protecting sensitive information. Your expertise will be instrumental in mitigating cyber threats, ensuring regulatory compliance, and maintaining operational resilience. Monthly Salary: HK$60,000

Job Description:

Vulnerability Management:

• Implement and manage the vulnerability management program in compliance with the companies cyber security policy and procedures.
• Conduct regular vulnerability assessments.
• Prioritize and track remediation of vulnerabilities with information system/asset owners in accordance with risk assessments.
• Review residual risk-level and control effectiveness to make recommendations for risk treatment.

Security Operations:

• Develop, implement, and maintain Standard Operating Procedures (SOPs) and playbooks for security operations as mandated by the companies cyber security policy.
• Monitor security systems and logs for potential threats and incidents.
• Respond to security detections and incidents promptly and effectively, following established procedures.
• Review and tune detection rules to reduce false-positives.
• Conduct regular security audits and reviews to identify and address security gaps.

Regulatory Compliance:

• Ensure compliance with companies policies, relevant cybersecurity regulations and industry standards.
• Conduct regular compliance audits and assessments.

Collaboration:

• Assist senior management in overseeing cyber risks by ensuring controls are properly designed, implemented and operated as intended, and ascertain the consistency of risk assignment.
• Collaborate with IT teams, business units, and other stakeholders to ensure security is integrated into all aspects of the organization.
• Work closely with external security vendors and partners.

Job Requirement: 

• Degree in computer science, information technology, information security, or equivalent experience.
• Good understanding of cybersecurity frameworks and standards; e.g., NIST Cybersecurity Framework, ISO 27001.
• A minimum of 7 years of experience in the information security field, gained ideally in finance or related industries.
• Experience with vulnerability management tools and techniques.
• Experience with SIEM tools, preferably SumoLogic.
• Proficiency in incident response and digital forensics.
• Strong analytical and problem-solving skills. 
• Desire to automate repetitive work with knowledge of a programming or scripting language, e.g. Powershell or Python.
• Holder of relevant cybersecurity certifications; ie. CISSP, CISM, CISA is a plus.
• Open to learning and acquiring new approaches, e.g. data-driven security and AI.
• Good written and verbal communication skills in English and Chinese (Cantonese and Mandarin)
• Ability to work independently and as part of a team.

If you are a passionate cybersecurity specialist with a strong commitment to protecting information, we are keen to hear from you.