The Cyber Security Department is essential to the Club’s ongoing success, safeguarding information assets, IT systems, networks, and cloud platforms while ensuring the resilience and continuity of critical operations. Through the implementation of strong risk governance frameworks and cybersecurity standards, the department protects the Club against emerging threats and ensures compliance with regulatory requirements in Hong Kong and China.
As the first line of defense, the department plays a key role in maintaining the Club’s reputation and operational resilience. Its core responsibilities include identifying and addressing vulnerabilities, protecting sensitive information, ensuring rapid incident response, overseeing access management, and promoting Club-wide cybersecurity awareness.
Lead advanced analysis of complex cybersecurity events and incidents, delivering actionable remediation steps
Drive threat‑intelligence‑led threat hunting to detect malicious activity, emerging tactics, and vulnerabilities proactively
Oversee and maintain 24/7 Security Operations Centre (SOC) processes across internal and external service providers, including monitoring, alert triage, escalation, and continuous improvement
Direct end‑to‑end investigations of major incidents, ensuring minimal operational impact and full documentation of findings
Perform deep root cause analysis and recommend robust corrective and preventive actions
Develop, update, and optimise SOC processes, incident playbooks, and response plans based on evolving threats
Advise security defence engineering teams on detection logic, control coverage gaps, and enhancements
Coordinate incident response with cross‑functional teams, including internal and external stakeholders
Manage and verify security alerts and incidents, ensuring proper classification, prioritisation, and escalation
Lead remediation efforts during incidents, ensuring effective containment, eradication, and recovery
Leverage internal and external threat intelligence to strengthen detection, monitoring, and hunting capabilities
Mentor SOC analysts and incident responders, and promote a high‑performance security culture
Ensure compliance with industry standards and the Club’s security policies through regular audits and reviews
Bachelor’s or Master’s degree in Computer Science, Cybersecurity, Information Systems, Application Development, Networking or a related field
Certification in good standing, for one or more of the following, would be an added advantage:
CISSP – Certified Information Systems Security Professional
GIAC GCFA – GIAC Certified Forensic Analyst
GIAC GCIH – GIAC Certified Incident Handler
GIAC GSOC – GIAC Security Operations Certified
GCTI – GIAC Cyber Threat Intelligence
CTIA – EC‑Council Certified Threat Intelligence Analyst
10+ years of IT/security experience, with significant leadership in incident response
Extensive, hands‑on experience in cyber security incident response across diverse attack scenarios and threat types
Proven track record in managing Security Operations Centre (SOC) BAU processes and optimising SOC workflows
Strong background in threat‑intelligence‑driven threat hunting, including proactive detection and investigation of advanced threats
Deep familiarity with incident response frameworks such as NIST and SANS, and practical application of their methodologies
Experience developing, maintaining, and executing incident response plans and playbooks
Expertise in conducting root cause analysis for security incidents and translating findings into preventive measures
Skilled in creating, refining, and maintaining SOC process documentation and operational runbooks
Demonstrated capability to lead or coordinate major incident investigations under high‑pressure conditions
Solid understanding of SIEM, SOAR, UEBA, EDR/XDR tools, and their use in monitoring and incident handling
Knowledge of MITRE ATT&CK, Cyber Kill Chain, and other adversary behaviour models for detection engineering
Ability to identify, analyse, and close security control coverage gaps
Experience coordinating with cross‑functional teams during investigations and remediation
Proficiency in technical troubleshooting across network, endpoint, application, and cloud environments
Strong understanding of threat intelligence sources, enrichment, and operational integration into SOC monitoring
Familiarity with regulatory compliance requirements, industry standards, and audit processes affecting incident response and SOC operations
History of mentoring, guiding, and technically enabling SOC analysts and incident responders
Ability to translate complex technical information into concise updates for executives and stakeholders
Experience with post‑incident reviews and lessons‑learned processes to improve security posture
We offer competitive salary and benefits packages, a dynamic working environment and development opportunities.
Add horsepower to your career today. Click the “Apply Now” button to create an account and submit your application.
We are an equal opportunity employer and strive to create an inclusive workplace for all. Applicants from diverse backgrounds are welcome to apply. If you have any special needs or require accommodations during the interview process, please e-mail us via [email protected]. Personal data provided by job applicants will be used strictly in accordance with the Club's notice to employees and job applicants relating to the Personal Data (Privacy) Ordinance, a copy of which will be provided immediately upon request.
Information Technology>IT System Management
Full Time
Founded in 1884, The Hong Kong Jockey Club (“the Club”) is a world-class racing club that acts continuously for the betterment of our society. The Club has a unique integrated business model, comprising racing and racecourse entertainment, a membership club, responsible sports wagering and lottery, and charities and community contribution. Through this model, the Club generates economic and social value for the community and supports the HKSAR Government in combatting illegal gambling.
We are the IT Division of HKJC, a vibrant community of over 1,500 dedicated professionals working collaboratively across Hong Kong and Shenzhen.
Our team is a diverse mix of individuals from various backgrounds, from all across the world. We embrace our humanity, recognizing that each of us brings unique strengths and perspectives. This diversity not only enriches our work environment but also drives our innovation and creativity as we strive to achieve our collective goals.
We design, build, and operate the technology that powers the Club. Our primary focus is on delivering the service that supports our hospitality, racing and wagering operations, to ensure that our customers and members enjoy exceptional experiences.
We also deliver the changes necessary to drive business growth through new products and services. We are also committed to safeguarding the Club by protecting it from external threats and providing a secure and resilient technological environment.