Cyber Security Specialist (Vulnerability Management)

Cyber Security Specialist (Vulnerability Management)

Application Deadline: 7 July 2025

Department: Technology-CDSIO

Employment Type: Permanent - Full Time

Location: Hong Kong (SAR)

Description

About Mox

Mox is built by and for the ones who aspire to live life to the fullest – we call them Generation Mox! The name Mox reflects the endless opportunities we can create, - Mobile eXperience; Money eXperience; Money X (multiplier), eXponential growth, eXploration… it’s all up for us to define together.

Why Mox

Everything at Mox – from our products, features, to rewards – is designed based on customer research, tailor made for your needs. We care about what customers care about, especially in data security and privacy. Data ethics is core to everyone here at Mox. Mox rewards you with an array of banking and lifestyle benefits. Who says banking can’t be fun?

Responsibilities

• Oversee the vulnerability management lifecycle, encompassing patch management and associated risk assessments to ensure the timely and effective remediation of identified vulnerabilities
• Triage, report, and follow up on security findings from various tools and sources
• Review and report on cyber threats affecting key vendors and/or solutions, providing actionable insights for risk mitigation
• Collaborate with key vendors to address vulnerability concerns and ensure compliance with security standards
• Manage vulnerabilities in the development lifecycle, including, dependency vulnerability management and SAST findings
• Manage findings from penetration testing and security assessments, ensuring timely remediation and process improvements
• Develop and deliver security awareness training related to patch and vulnerability management
• Design, implement and maintain automations to streamline vulnerability management processes
• Provide metric reporting on vulnerability and patch compliance
• Create, maintain, and uplift process documentation pertaining to vulnerability management
• Develop and maintain relationships with technology teams, ensuring effective communication and collaboration on vulnerability management initiatives
• Stay up-to-date with emerging threats, vulnerabilities, and technologies, applying this knowledge to continuously improve our vulnerability management program

 

Requirements

• Passion for cyber security, vulnerability management and working with highly technical team members
• Deep understanding of vulnerability identification, risk classification, and software security principles
• Being able to translate complex technical scenarios, cyber security specific threats, and related mitigating controls into a language that stakeholders at all levels can understand
• Strong knowledge of risk management guidelines and frameworks
• Proven experience in managing vulnerabilities throughout their lifecycle, from identification to remediation
• Ability to act calmly and competently in high-pressure, high-stress situations
• Must be a critical thinker, with strong problem-solving skills and analytical skills
• Excellent time management skills and ability to manage multiple projects under strict timelines
• Development and automation experience in one or more programming languages (e.g., Python, Bash, etc) are required
• Previous experience working in a cloud environment is highly desired
• Ability to contribute in a team environment