Officer - Assistant Threat Detection and Response Specialist - IT

Company Introduction:

We’re home to Asia's most dynamic and vibrant capital markets.
Connecting capital, ideas, inspiration and innovation for deeper, more diverse and liquid global capital markets; providing greater choice and opportunity for our customers, each and every day.
HKEX is a purpose-driven company. Our commitment to the long-term development of our business and our markets is articulated in our purpose: "To Connect, Promote and Progress our Markets and the Communities they support for the prosperity of all."

Job Summary:

This role operates within HKEX’s Threat Detection and Response Team as a Level 2 Analyst, with primary responsibility for managing escalated security events and incidents that demand advanced technical analysis, sound judgement and coordinated response. This role plays a critical part in safeguarding HKEX’s mission critical infrastructure and directly contributes to the resilience of Hong Kong’s financial markets.
This role is responsible for stopping cyber threats before they can cause business impact. As part of the HKEX’s Security Operations Centre, you will leverage advanced security tools and your investigative expertise to conduct in depth incident analysis and drive effective response actions. Beyond reactive response, you will lead and participate in proactive threat hunting, continuously improving protection and detection effectiveness to stay ahead of evolving threats.

Job Duties:

• Perform advanced analysis and investigation of escalated security events and incidents. Determining impact, scope, root cause, and response strategy with reference to predefined playbooks.

• Take ownership of incident response activities, working closely with infrastructure, application, and business teams throughout the incident lifecycle to ensure timely containment, eradication, and recovery.

• Participate in a 7x24 on‑call rotation, providing expert‑level analysis and decision support for security incidents outside of business hours.

• Conduct threat driven threat hunting by correlating telemetry, logs, and threat intelligence feed from multiple sources to identify adversary activity.

• Leverage Artificial Intelligence (AI) and Large Language Models (LLMs) to enhance, automate, and optimise cybersecurity processes, particularly within Security Operations Centre (SOC) and incident response workflows.

• Identify operational inefficiencies and security process gaps and design AI‑enabled solutions to improve alert triage, investigation efficiency, incident handling, reporting, and knowledge management. Stay up to date with emerging AI technologies, LLM capabilities, and cyber threat trends, and proactively evaluate their relevance to security operations and proactively sharing actionable insights with relevant stakeholders.

Job Requirements

• Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related discipline.

• Around 2 years of experience in Cyber Security field, with focus on SOC or Incident response is preferred; fresh graduates are welcome if they can demonstrate strong technical knowledge, a solid foundation in cybersecurity, and a proactive learning attitude.

• Hands‑on experience on applying AI and/or LLMs to cybersecurity use cases, such as: Security operations automation, Incident investigation, Threat intelligence analysis Detection engineering, etc.

• Familiarity with the MITRE ATT&CK and MITRE D3FEND frameworks, with an understanding of common adversary tactics, techniques, and procedures (TTPs).

• Demonstrates a strong interest in cybersecurity with a commitment to continuous learning, keeping abreast of emerging threats, vulnerability trends, and significant cyber events.

• Strong attention to detail with an analytical mindset, demonstrating accountability and operational discipline.

• Able to prioritize tasks and manage time effectively, act with a sense of urgency during security incidents, and perform well in a fast‑paced, high‑pressure environment.

• Acts with integrity and respects confidentiality, handling sensitive security and market‑related information responsibly.

• Team‑oriented, with the ability to collaborate effectively, learn from senior members, and continuously develop technical and professional skills.

HKEX is committed as an Equal Opportunity Employer. Diversity is one of our core values and we look to support, respect diverse perspectives, abilities, culture and experiences within our workplace.

Location:

HKEX - TKO

Shift:

Standard - 40 Hours (Hong Kong SAR)

Scheduled Weekly Hours:

40

Worker Type:

Permanent