Assistant Technical Manager, Data Protection (DLP & CASB)

The Hong Kong Jockey Club

Founded in 1884, The Hong Kong Jockey Club (“the Club”) is a world-class racing club that acts continuously for the betterment of our society. The Club has a unique integrated business model, comprising racing and racecourse entertainment, a membership club, responsible sports wagering and lottery, and charities and community contribution. Through this model, the Club generates economic and social value for the community and supports the HKSAR Government in combatting illegal gambling.

Who are we?

We are the IT Division of HKJC, a vibrant community of over 1,500 dedicated professionals working collaboratively across Hong Kong and Shenzhen.

Our team is a diverse mix of individuals from various backgrounds, from all across the world. We embrace our humanity, recognizing that each of us brings unique strengths and perspectives. This diversity not only enriches our work environment but also drives our innovation and creativity as we strive to achieve our collective goals.

What do we do?

We design, build, and operate the technology that powers the Club. Our primary focus is on delivering the service that supports our hospitality, racing and wagering operations, to ensure that our customers and members enjoy exceptional experiences.

We also deliver the changes necessary to drive business growth through new products and services. And, we are committed to safeguarding the Club by protecting it from external threats, providing a secure and resilient technological environment.

The Department

The Cyber Security Department is essential to the Club’s ongoing success, safeguarding information assets, IT systems, networks, and cloud platforms while ensuring the resilience and continuity of critical operations. Through the implementation of strong risk governance frameworks and cybersecurity standards, the department protects the Club against emerging threats and ensures compliance with regulatory requirements in Hong Kong and China.

As the first line of defense, the department plays a key role in maintaining the Club’s reputation and operational resilience. Its core responsibilities include identifying and addressing vulnerabilities, protecting sensitive information, ensuring rapid incident response, overseeing access management, and promoting Club-wide cybersecurity awareness.

The Job

• Participate in continuous improvement efforts by supporting automation initiatives and contributing to process enhancements
• Assist in the setup and tuning of detection rules, thresholds, and response actions within DLP platforms to reduce false positives and improve accuracy
• Operate and maintain certificate lifecycle management tools, ensuring proper integration with enterprise platforms
• Assist in securing SaaS applications through CASB solutions by managing access controls and monitoring for risky behaviours
• Enforce and monitor USB access policies to ensure controlled use of removable media and prevent unauthorised data transfers
• Contribute to data classification and labelling initiatives, helping ensure sensitive information is appropriately tagged and handled
• Support the deployment and configuration of endpoint security agents across all relevant security profiles
• Collaborate with business units and end users to troubleshoot issues related to data protection controls
• Monitor data security events and support incident response activities in coordination with incident response teams
• Perform routine system checks and updates to ensure optimal performance and compliance with data security tools

About You

• University degree qualification with a strong technical background, particularly in Information Technology, cybersecurity, application development and/or networking
• Strong hands-on experience with data security technologies such as encryption, tokenisation, secure data storage and access control
• Strong working knowledge of Data Loss Prevention (DLP) tools and techniques
• Operational experience with Cloud Access Security Broker (CASB) solutions
• Ability to translate business and operational requirements into actionable technical security configurations
• Communication skills, with the ability to explain technical security concepts to non-technical stakeholders and support users in resolving security-related issues
• Practical experience with certificate lifecycle management tools and processes
• Working knowledge of security features and configurations in public cloud ecosystems
• Familiarity with software and workflows used in data protection operations

Apply Now!

We offer competitive salary and benefits packages, a dynamic working environment and development opportunities.

Add horsepower to your career today. Click the “Apply Now” button to create an account and submit your application.

Equal Opportunity and Inclusive Hiring

We are an equal opportunity employer and strive to create an inclusive workplace for all. Applicants from diverse backgrounds are welcomed to apply. If you have any special needs or require accommodations during the interview process, please e-mail us via careers@hkjc.org.hk. Personal data provided by job applicants will be used strictly in accordance with the Club's notice to employees and job applicants relating to the Personal Data (Privacy) Ordinance. A copy of which will be provided immediately upon request.