Cyber Security Specialist (Penetration Testing)

Cyber Security Specialist (Penetration Testing)

Application Deadline: 14 July 2025

Department: Technology-CDSIO

Employment Type: Permanent - Full Time

Location: Hong Kong (SAR)

Description

About Mox
Mox is built by and for the ones who aspire to live life to the fullest – we call them Generation Mox! The name Mox reflects the endless opportunities we can create, - Mobile eXperience; Money eXperience; Money X (multiplier), eXponential growth, eXploration… it’s all up for us to define together.
Why Mox
Everything at Mox – from our products, features, to rewards – is designed based on customer research, tailor made for your needs. We care about what customers care about, especially in data security and privacy. Data ethics is core to everyone here at Mox. Mox rewards you with an array of banking and lifestyle benefits. Who says banking can’t be fun?
What we are looking for?

We are looking for a cyber security specialist (Penetration testing to join our team!

Responsibilities

• Provide security expertise to ensure the ongoing confidentiality, integrity, and availability of systems and information effectively and efficiently. 
•  Scope and perform hands-on penetration testing and security assessments of web applications, APIs, infrastructure, cloud environments and mobile (iOS/Android) apps to assess and validate their security posture
• Write high quality reports on identified vulnerabilities, including recommendations to remediate, and deliver report to stakeholders
• Manage security assessments conducted by vendors and consultants
• Manage the penetration testing pipeline to ensure on-time completion and delivery
• Work closely with key development and operations stakeholders to ensure timely remediation  
• Conduct security code reviews and make recommendations to developers
• ·Drive security awareness of secure coding practices and techniques
• Work collaboratively with key development and operations stakeholders to support the secure CI/CD pipeline
• Conduct offensive research to evaluate emerging cyber security threats and trends
• Work closely with the security operations team to proactively identify potential weaknesses, threats or vulnerabilities and address them
• Maintain up-to-date knowledge of the latest attacks, vulnerabilities, mitigation strategies, industry best practices and regulations
• Provide subject matter expertise, security consulting, and advisory services to business entities and project teams
• Build strong working relationships across the business and technology teams

Requirements

• 5+ Years’ experience in IT security related positions with a key focus on penetration testing and application security
• You should be able to demonstrate:
• Passion for offensive security and assurance
• Risk mindset and knowledge of risk management guidelines and frameworks
• Good understanding of penetration testing methodologies / techniques and software security principles
• Ability to communicate and articulate technical findings with stakeholders at all levels of the business 
• Hands-on threat, vulnerability, and remediation management experience
• Experience working in a cloud and container-based environment is highly desired
• Critical thinker with strong problem-solving and analytical skills
• Strong time management and ability to manage multiple projects under strict timelines.
• Development and automation experience in one or more programming languages are highly desired
• Strong collaborative nature and ability to contribute to a team environment
• Previous experience working within the finance/banking or advisory services industry beneficial