About Mox
Mox is built by and for the ones who aspire to live life to the fullest – we call them Generation Mox! The name Mox reflects the endless opportunities we can create, - Mobile eXperience; Money eXperience; Money X (multiplier), eXponential growth, eXploration… it’s all up for us to define together.
Why Mox
Mox helps you grow – your money, your world, your possibilities. We equip you with the financial management tools, information and insights you need to make your dreams, big or small, come true. Everything at Mox – from our products, features, to rewards – is designed based on customer research, tailor made for your needs. We care about what customers care about, especially in data security and privacy. Data ethics is core to everyone here at Mox. Mox rewards you with an array of banking and lifestyle benefits.
Together we create a new standard in banking. We are always looking for awesome people who can work with us on this adventurous journey!
What we are looking for?
We are currently looking for a Cyber Security Architect!
Mox is built by and for the ones who aspire to live life to the fullest – we call them Generation Mox! The name Mox reflects the endless opportunities we can create, - Mobile eXperience; Money eXperience; Money X (multiplier), eXponential growth, eXploration… it’s all up for us to define together.
Why Mox
Mox helps you grow – your money, your world, your possibilities. We equip you with the financial management tools, information and insights you need to make your dreams, big or small, come true. Everything at Mox – from our products, features, to rewards – is designed based on customer research, tailor made for your needs. We care about what customers care about, especially in data security and privacy. Data ethics is core to everyone here at Mox. Mox rewards you with an array of banking and lifestyle benefits.
Together we create a new standard in banking. We are always looking for awesome people who can work with us on this adventurous journey!
What we are looking for?
We are currently looking for a Cyber Security Architect!
Responsibilities
• Develop security patterns and guidelines that meet cloud security best practices
• Provide key security input and innovation to the security direction related to the bank’s cloud strategy
• Develop and/or carrying out the strategic direction of security projects to enable execution of the
information security strategy
• Drive cyber risk reduction and remediation efforts through the collaboration with stakeholders to
develop and implement strategies that align with business and security objectives
• Provide business-facing support and build strong working relationships as a cyber security champion
and trusted advisor – you will influence cyber security outcomes and work across teams to help
assess, understand, and remediate gaps within code, systems, and cloud technologies
• Provide expert technical information security consulting on multi-platform IT environments and subject
matter expert advice to project teams
• Influence the cyber security posture through direct contribution and consultation with in flight projects
• Plan, design, and implement Security Systems, Controls and Solutions
• Support the delivery of security architecture services demonstrating specialisation in cloud security
• Review the current system security measures/design and support enhancement implementation from
an architecture perspective
• Promote the security architecture process, outcomes and value proposition to the bank
• Maintain and apply security architectural knowledge and investigate and recommend improvement
opportunities
• Actively and proactively contribute and provide support to other key domains and functions within the
Cyber and Digital Trust Team
• Lead threat modelling exercises
• Perform security and cyber risk assessments
• Assess, harden, and help improve baseline cyber security controls through performing reviews,
identifying opportunities, and presenting enhancements to management.
• Provide hands-on support with performing ad-hoc implementations and maintenance of cyber security
controls across several technologies and security tools including EDR, SIEM, Cloud Proxy, and
Communication Gateways
• Maintain up-to-date knowledge on cloud security, latest attacks and trends, vulnerabilities, mitigation
strategies, and industry best practices and regulations
Requirements
Your experience is ideally supported by one or more of the following qualifications:
• 7+ Years’ experience in technology/IT/security related positions. Ideally, your
experience will include time as an individual contributor, hands-on consulting, or
advisory capacity. Your experience should include:
• Extensive experience in information security and/or IT risk management with a focus
on security, performance and reliability
• Experience working with digital businesses, AWS cloud technologies and
environments embracing agile WoW and DevOps tooling
• Demonstrable understanding or experience deploying cloud-based solutions to
Amazon Web Services utilising known good practice for security, resilience and
recovery.
3• Solid understanding of security protocols, cryptography, PKI and Cas,
authentication, authorisation and security
• Demonstrated experience at delivering innovative architecture to strategic programs
• Experience implementing multi-factor authentication, single sign-on, identity
management or related technologies
• Good working knowledge of current IT risks and experience implementing security
solutions
• Ability to interact with a broad cross-section of personnel to explain and enforce
security measures
• Working knowledge of industry good practise such as OWASP, PCI DSS,
ISO27001/2, NIST CSF, SWIFT CSP
• Banking/Financial experience desirable
• Familiar with HKMA regulations
• Excellent written and verbal communication skills as well as business acumen and a
commercial outlook
• Highly desirable industry certifications, including but not limited to those issued by
SANS/ISC2/ISACA: CISSP, CISM, CISA, CRISC, CGEIT, CCSP or GIAC
• Architecture certifications such as TOGAF, SABSA is desirable
• Participation in relevant Cyber Security industry forums is desirable