Senior Technical Manager, Security Operations Centre
We are the IT Division of HKJC, a vibrant community of over 1,500 dedicated professionals working collaboratively across Hong Kong and Shenzhen. Our team is a diverse mix of individuals from various backgrounds, from all across the world.
Who are we?
We design, build, and operate the technology that powers the Club. Our primary focus is on delivering the service that supports our hospitality, racing and wagering operations, to ensure that our customers and members enjoy exceptional experiences.
What do we do?
We also deliver the changes necessary to drive business growth through new products and services. And we are committed to safeguarding the Club by protecting it from external threats, providing a secure and resilient technological environment.
The Department
The Cyber Security Department is essential to the Club’s ongoing success, safeguarding information assets, IT systems, networks, and cloud platforms while ensuring the resilience and continuity of critical operations.
The Job
You will:
- Lead advanced analysis of complex cybersecurity events and incidents, delivering actionable remediation steps
- Drive threat‑intelligence‑led threat hunting to detect malicious activity, emerging tactics, and vulnerabilities proactively
- Oversee and maintain 24/7 Security Operations Centre (SOC) processes within internal and external service providers, including monitoring, alert triage, escalation, and continuous improvement
- Direct end‑to‑end investigations of major incidents, ensuring minimal operational impact and full documentation of findings
- Perform deep root cause analysis and recommend robust corrective and preventive actions
- Develop, update, and optimise SOC processes, incident playbooks, and response plans based on evolving threats
- Advise security defence engineering teams on detection logic, control coverage gaps, and enhancements
- Coordinate incident response with cross‑functional teams, including internal and external stakeholders
- Manage and verify security alerts and incidents, ensuring proper classification, prioritisation, and escalation
- Lead remediation efforts during incidents, ensuring effective containment, eradication, and recovery
- Leverage internal and external threat intelligence to strengthen detection, monitoring, and hunting capabilities
- Mentor SOC analysts and incident responders, and promote a high‑performance security culture
- Ensure compliance with industry standards and the Club’s security policies through regular audits and reviews
About You
You should have:
- Bachelor’s or Master’s degree in Computer Science, Cybersecurity, Information Systems, Application Development, Networking or a related field
- Certification in good standing, for one or more of the following, would be an added advantage:
  - CISSP – Certified Information Systems Security Professional
  - GIAC GCFA – GIAC Certified Forensic Analyst
  - GIAC GCIH – GIAC Certified Incident Handler
  - GIAC GSOC – GIAC Security Operations Certified
  - GCTI – GIAC Cyber Threat Intelligence
  - CTIA – EC‑Council Certified Threat Intelligence Analyst
- 10+ years of IT/security experience, with significant leadership in incident response
- Extensive, hands‑on experience in cyber security incident response across diverse attack scenarios and threat types
- Proven track record in managing Security Operations Centre (SOC) BAU processes and optimising SOC workflows
- Strong background in threat‑intelligence‑driven threat hunting, including proactive detection and investigation of advanced threats
- Deep familiarity with incident response frameworks such as NIST and SANS, and practical application of their methodologies
- Experience developing, maintaining, and executing incident response plans and playbooks
- Expertise in conducting root cause analysis for security incidents and translating findings into preventive measures
- Skilled in creating, refining, and maintaining SOC process documentation and operational runbooks
- Demonstrated capability to lead or coordinate major incident investigations under high‑pressure conditions
- Solid understanding of SIEM, SOAR, UEBA, EDR/XDR tools, and their use in monitoring and incident handling
- Knowledge of MITRE ATT&CK, Cyber Kill Chain, and other adversary behaviour models for detection engineering
- Ability to identify, analyse, and close security control coverage gaps
- Experience coordinating with cross‑functional teams during investigations and remediation
- Proficiency in technical troubleshooting across network, endpoint, application, and cloud environments
- Strong understanding of threat intelligence sources, enrichment, and operational integration into SOC monitoring
- Familiarity with regulatory compliance requirements, industry standards, and audit processes affecting incident response and SOC operations
- History of mentoring, guiding, and technically enabling SOC analysts and incident responders
- Ability to translate complex technical information into concise updates for executives and stakeholders
- Experience with post‑incident reviews and lessons‑learned processes to improve security posture
Terms of Employment
The level of appointment will be commensurate with qualification and experience.
How To Apply
Please send your resume, complete with expected salary and job reference.
We are an equal opportunity employer. Personal data provided by job applicants will be used strictly in accordance with the Club's notice to employees and prospective employees relating to the Personal Data (Privacy) Ordinance.