The Cyber Security Department is essential to the Club’s ongoing success, safeguarding information assets, IT systems, networks, and cloud platforms while ensuring the resilience and continuity of critical operations. Through the implementation of strong risk governance frameworks and cybersecurity standards, the department protects the Club against emerging threats and ensures compliance with regulatory requirements in Hong Kong and China.
As the first line of defense, the department plays a key role in maintaining the Club’s reputation and operational resilience. Its core responsibilities include identifying and addressing vulnerabilities, protecting sensitive information, ensuring rapid incident response, overseeing access management, and promoting Club-wide cybersecurity awareness.
1 Strategic Planning & Alignment
Collaborate with business and IT stakeholders to identify requirements for developing cybersecurity strategies that align with the Club's objectives
Oversee initiatives that deliver value, maintain secure and resilient operations, and mitigate risks
Stay informed on emerging cyber trends and evolving regulatory requirements to ensure the Club's cybersecurity strategies remain proactive, compliant, and aligned with best practices
2 Portfolio Management
Collaborate with Cyber Security leadership to develop and manage a portfolio of critical services for business and IT stakeholders, ensuring high-quality delivery, gathering feedback, and prioritising improvements within the Cyber Security strategy and operational roadmap
Develop and maintain the Book of Work (BOW) for Cyber Security initiatives by participating in IT S&P demand prioritisation and QBR processes, integrating the prioritisation framework that is aligned with the Club's overall methodology
Regularly report on the cyber initiatives’ status, performance, and alignment with organisational goals, providing insights and updates to key stakeholders
Engage with business and IT stakeholders to maintain transparency, manage expectations, and ensure shared understanding of priorities and objectives
3 Metrics & Reporting
Define key performance indicators (KPIs) and metrics (OKRs) to measure the effectiveness of cybersecurity strategies and initiatives
Prepare and present regular reports to executive leadership, highlighting portfolio performance, risk posture, and strategic recommendations
4 Business Integration
Create the Cyber Security programme awareness and collaborate with the BISO to promote the cyber security control adoption across the Club and promote Cyber initiatives with the business and IT teams
Establish a close connection with BISO and respective stakeholders to ensure seamless integration of Cyber Security
5 Leadership & Team Development
Provide leadership and mentorship to cross-functional teams involved in cybersecurity initiatives
Role model a culture of collaboration, innovation, and continuous improvement within the Cyber Security Department
Work to raise the external profile of the Cyber Security Department, and work with the team that does it
6 Inclusive Culture & Employee Resilience
Develop resilience programs, foster psychological safety, and promote employee well-being through wellness initiatives and work-life balance
Encourage open communication, amplify diverse perspectives, and collaborate with HR to implement flexible, employee-focused workplace policies
Enhance staff wellbeing through programs, open communication, and work-life balance initiatives, fostering a positive and inclusive workplace culture
Champion cyber security awareness initiatives, and develop a strong risk culture within the Cyber Security Department
7 Transformation & Operating Model
Oversee the deployment and execution of the IGNITION Operating Model, aligning organisational design with strategic goals to enhance delivery capabilities and future-proof the engineering ecosystem
Spearhead the transformation and adoption of DevSecOps and security by design as part of the HKJC target state operating model
Bachelor’s degree holder, e.g., Business Management, IT, or other disciplines; a Master’s degree is preferred
10+ years of experience in business management, risk governance, or related fields
Strong skills in monitoring and reporting Key Performance Indicators (KPIs)
Advanced analytical skills to track performance metrics and generate actionable insights
Proficiency in project and portfolio management tools and platforms (e.g., Microsoft Office Suite, Power BI, Trello, Mural or similar)
Exceptional communication skills, with the ability to translate technical concepts for diverse audiences
Expertise in stakeholder engagement, including senior executives and board members
Demonstrated ability to foster an inclusive workplace culture and promote employee well-being
Exceptional English writing and verbal communication skills, with the ability to present complex concepts to non-technical audiences
Strong organisational and multitasking abilities with meticulous attention to detail
Excellent stakeholder management and relationship-building skills
We offer competitive salary and benefits packages, a dynamic working environment and development opportunities.
Add horsepower to your career today. Click the “Apply Now” button to create an account and submit your application.
We are an equal opportunity employer and strive to create an inclusive workplace for all. Applicants from diverse backgrounds are welcomed to apply. If you have any special needs or require accommodations during the interview process, please e-mail us via [email protected]. Personal data provided by job applicants will be used strictly in accordance with the Club's notice to employees and job applicants relating to the Personal Data (Privacy) Ordinance. A copy of which will be provided immediately upon request.
Information Technology>Security Specialist / Risk Management
HK$ -
Full Time
Founded in 1884, The Hong Kong Jockey Club (“the Club”) is a world-class racing club that acts continuously for the betterment of our society. The Club has a unique integrated business model, comprising racing and racecourse entertainment, a membership club, responsible sports wagering and lottery, and charities and community contribution. Through this model, the Club generates economic and social value for the community and supports the HKSAR Government in combatting illegal gambling.
We are the IT Division of HKJC, a vibrant community of over 1,500 dedicated professionals working collaboratively across Hong Kong and Shenzhen.
Our team is a diverse mix of individuals from various backgrounds, from all across the world. We embrace our humanity, recognizing that each of us brings unique strengths and perspectives. This diversity not only enriches our work environment but also drives our innovation and creativity as we strive to achieve our collective goals.
We design, build, and operate the technology that powers the Club. Our primary focus is on delivering the service that supports our hospitality, racing and wagering operations, to ensure that our customers and members enjoy exceptional experiences.
We also deliver the changes necessary to drive business growth through new products and services. And, we are committed to safeguarding the Club by protecting it from external threats, providing a secure and resilient technological environment.
