Contract Period: Permanent
Work location: Kai Tak
Key Responsibilities
- Manage the design, implementation, ongoing operation, and continuous enhancement of the OT cyber security monitoring program and supporting systems, ensuring robust protection of critical infrastructure environments, including ICS and SCADA.
- Ensures alignment with recognized industry best practices, internal security standards, and applicable regulatory requirements, while enabling effective detection, analysis, and response to cyber threats targeting OT environments.
- Accountable for OT cyber incident detection and response, including continuous analysis and triage of security alerts, validating incidents, coordinating investigations with SOC, engineering, and operations teams, and supporting timely containment and recovery actions to minimize operational, safety, and business impacts.
- Accountable for curating, maintaining, and communicating up-to-date IT & OT cyber security intelligence and risk posture, producing regular, tailored reports, dashboards, and technical briefings for senior leadership and key business stakeholders.
- Performs routine cyber security operational tasks in accordance with established procedures, identifying opportunities for process improvements to enhance overall security effectiveness.
- Monitors security alerts and events generated by security tools, conducting initial analysis and triage to support incident detection and response activities.
- Technical support for IT and OT teams to implement security patches and configuration changes as part of vulnerability remediation and system hardening efforts.
- Assists in the development and maintenance of security documentation, including standard operating procedures, playbooks, and technical guides to support operational consistency.
Requirements
- At least 6 years of experience in cyber security with at least 3 years in OT cyber security.
- Proven experience in IT & OT Security Monitoring and Security Engineering.
- Proficiency in different security technologies, e.g. Continuous Threat Detection System (CTDS), Endpoint Detection and Response (EDR), Security Information and Event Management (SIEM), Security Orchestration, Automation, and Response (SOAR), Cloud Security Services and etc..
- Understanding of the cyber threat landscape and emerging threats.
- Understanding industrial cyber security risk, control and recovery measures.
- Proven collaboration and interpersonal skills to work effectively with cross-functional teams.
- Strong analytical and problem-solving skills, with the ability to assess the issues and find the root causes.
- Experience in vendor management and communicating with business users, engineers and external authorities.
- Ability and willingness to work outside standard office hours when responding to urgent or high-impact operation issues. Available for 24x7 incident response as tier 2 handler.
- Fluent in spoken and written English, and capability in both spoken (Putonghua) and written Chinese are advantageous.
About Clp
CLP was founded in Hong Kong in 1901, at a time when electricity was still a novelty worldwide. Today we power millions of homes and businesses across the Asia-Pacific region with over 8,000 employees. In Hong Kong, we operate a vertically integrated electricity business providing a highly reliable supply of electricity to over 80% of the city’s population. Outside Hong Kong, we invest in the energy sector on the Chinese Mainland, in Australia, India, Taiwan Region and Thailand. Our business spans the electricity value chain ranging from power generation, transmission and distribution to retail and smart energy services. We have a diversified portfolio of generating assets that uses a wide range of fuels sources including nuclear, renewables, gas and coal. To meet the evolving needs of energy users in a world being reshaped by decarbonisation and digitalisation, we strive to embrace new opportunities and expand our horizons as we fulfil our purpose to Power Brighter Tomorrows.