The Hong Kong Jockey Club's Information Technology & Sustainability (IT&S) Division drives the implementation of innovative technology solutions in horse racing and football wagering systems in order to deliver a premium service to our millions of customers.
You will have the opportunity to develop and utilize new skills, explore interesting fields and do challenging work that will impact the lives of people.
We are currently seeking talented IT professionals with strong technical expertise to contribute to the significant strategic transformation which will allow IT&S to adapt to the changing digital workplace, improve customer experience and accelerate the delivery of new product offerings.
Working collaboratively with multi-disciplinary IT teams, you will play an instrumental role in building a digital platform with modern state of the art technologies that will power all of the Club’s service and product distribution channels.
These channels include over 100 betting booths at racecourses, 102 Off-Course Betting Branches (OCBBs), 4 call centers manned by 5000 plus Telebet operators, as well as multiple interactive online and mobile services.
It is a fixed-term contract position of minimum 3 years with possibility for renewal subject to organization need and individual performance.
We offer competitive package including an attractive end-of contract gratuity, annual performance award, and employee fringe benefits.
You will :
Perform technical advisory in assigned project area for ensuring identified information security risks are mitigated and controls are implemented.
Propose and implement DevSecOps architecture, open standard, framework, and best practice.
Coordinate and implement various security solutions and security controls. Support and advise IT colleagues on risk treatments.
Work with IT teams in adopting secure programming practices throughout the system development lifecycle; and work with application and technology architects to assess the risk and impact to business of existing and future business applications implementations.
Design, planning, execute and document information security architecture and related security framework
You should have :
At least 5 years working experience in IT industry with 3 year experience of IT information security or DevOps
Good understanding of information security, configuration management, risk management which integrated into DevOps.
Qualified professional certifications such as CISSP, CISA or their equivalent would be an advantage.
Excellent analytical skills and ability to present technical information and statistics to enable management to make sound decisions.
Good knowledge of security, web, mobile and enterprise application infrastructure and design.
Solid experience of Windows, Linux, Visualization, Infrastructure-as-a-code, container, Docker and Security Solution
Knowledge of DevOps process and related tools including Jenkins, JIRA, GitHub, Ansible, UrbanCode, IBM BigFix or other similar tools would be an advantage.
Knowledge of Cloud native DevSecOps operation
Knowledge of DevSecOps process and tools including vulnerability scanners, SAST, DAST, Aqua, Blackduck, security testing tools and other automation tools.
Terms of Employment
The level of appointment will be commensurate with qualifications and experience. An initial contract employment will be offered to the successful candidate subject to mutual agreement between the Club and the individual.