Logo for Blackpanda

Director of Response, Hong Kong

Role overview

Qualifications

  • 8+ years of hands-on experience in cyber incident response, digital forensics, or threat intelligence, including substantial time in a client-facing consulting environment.
  • 3+ years leading or managing a response, DFIR, or security consulting team, with demonstrated ownership of hiring, mentoring, and performance.
  • Strong technical foundations across enterprise networks, endpoints, and cloud (Windows, Linux, macOS, AWS/Azure/GCP) and proficiency with DFIR tools (EDR, SIEM, network forensics, forensic suites).
  • Cantonese fluency with English fluent enough to communicate clearly with global leadership and working knowledge of the Hong Kong regulatory environment.

Responsibilities

  • Grow and retain the Hong Kong response team—hiring, developing, and building a bench capable of handling the full spectrum of incidents in the local market; mentor consultants in DFIR tradecraft and client communication.
  • Act as senior technical advisor on active incidents—guiding containment, eradication, recovery, and post-incident strategy; advise executives on risk, regulatory exposure, and strategic options.
  • Own delivery quality across Hong Kong engagements—review findings, reports, and client deliverables; step into delivery on the most complex or high-profile matters.
  • Maintain current awareness of the Hong Kong and APAC regulatory environment (including PCPD, HKMA, SFC) and translate threat context into practical guidance; act as local authority in regulatory conversations.

About the company

Blackpanda logo

Blackpanda

BLACKPANDA is Asia’s premier cyber security firm hyper-focused on delivering world-class incident response and digital forensics services to the region. Headquartered in Singapore and with a presence across Southeast and East Asia, the company is the first of its kind in the region. By developing and leveraging innovative cyber security services, incident response & forensics data, and loss adjusting capabilities for our insurtech platform, Blackpanda’s mission is to protect, defend, and insure—providing a holistic and practical cyber resiliency solution for our clients of any size. We believe every company should have access to cyber security services and risk transfer opportunities and are committed to democratizing cyber security resiliency, making it accessible across Asia, from Fortune 500 companies to SMEs, and everyone in between. We help answer the urgent questions about your cyber security: 1. Am I under attack? 2. Has any data been stolen? 3. Am I still at risk? Our team consists of an elite cadre of risk and security experts from International military special forces, intelligence, forensics, and law enforcement backgrounds. We are highly trained, ready to respond to and help manage crises on short notice, when and wherever needed. www.blackpanda.com | hello@blackpanda.com

Company details

Company size11 - 50

Your match analysis

See how your profile stacks up against this role.

We compared the job requirements to your profile to show where you're strong and where you fall short.

Job description

About Blackpanda

Blackpanda is a Lloyd's of London–accredited insurance coverholder and Asia's leading local cyber incident response firm, delivering end-to-end digital emergency support across the region. We are pioneering the A2I (Assurance-to-Insurance) model in cybersecurity — uniting preparation, response, and insurance into a seamless pathway that minimizes financial and operational impact from cyber attack.

Through expert consulting services, response assurance subscriptions, and innovative cyber insurance, we help organisations get ready, respond, and recover from cyber attacks — all delivered by local specialists working in concert. Our mission is clear: to bring complete cyber peace of mind to every organisation in Asia, from the first moment of breach through full recovery and beyond.

How We Work

Blackpanda is a tech-enabled services team. We invest heavily in AI and are constantly pushing to do better, faster, and at scale. You are given freedom to use the approved tools in the team, but you are to take ownership of outcomes. We prefer smart work over hard work, welcome good ideas regardless of where they come from, and have deliberately kept red tape out of the way of innovation. If you want to join a team building the best response practice in Asia — and shaping the tools and methods that get us there — you'll be in good company.

Your Mission: Director of Response, Hong Kong

Reporting to the Head of Operations, the Director of Response leads Blackpanda's Cyber Incident Response practice in Hong Kong — growing the local team, owning client relationships, and serving as our senior technical authority on the ground.

This is a leadership role for an operator who has lived through real incidents and can bring clarity, calm, and direction when organisations are at their most exposed. You will still take the lead on select engagements where your seniority is required, but your primary job is to scope work, guide consultants, grow the bench, and represent Blackpanda in the Hong Kong market — in lockstep with the wider global team.


Core Responsibilities

Local Leadership and Team Development

  • Grow and retain the Hong Kong response team — hiring, developing, and building a bench capable of handling the full spectrum of incidents in the local market.
  • Mentor consultants in DFIR tradecraft, client communication, and operational discipline; guide them through investigations without taking the keyboard.
  • Own the well-being, performance, and progression of the local team, ensuring sustainable workloads in a high-pressure practice.
  • Partner with peers in the wider global team to share intelligence, align methodology, and ensure consistent quality across regions.

Client Advisory and Engagement Leadership

  • Act as senior technical advisor on active incidents — guiding clients through containment, eradication, recovery, and post-incident strategy.
  • Advise executives on risk, regulatory exposure, and strategic options as they work to emerge from a difficult situation.
  • Lead scoping conversations on new engagements, translating client needs into clear response plans and accurate proposals.
  • Maintain trusted relationships with clients, legal counsel, insurers, regulators, and law enforcement throughout the incident lifecycle.

Delivery Oversight and Selective Hands-On Work

  • Own delivery quality across Hong Kong engagements, reviewing findings, reports, and client deliverables before they go out.
  • Step into delivery on the most complex, sensitive, or high-profile matters that require senior judgment.
  • Guide investigations across Windows, Linux, macOS, and cloud environments, drawing on EDR, SIEM, network, and forensic data.

Regulatory Awareness and Threat Landscape

  • Maintain a current view of the Hong Kong and broader APAC regulatory environment, including expectations from the PCPD, HKMA, and SFC, as well as the Protection of Critical Infrastructures (Computer Systems) Ordinance.
  • Track active threat actors, ransomware groups, and sector-specific risks, and translate that context into practical guidance for clients.
  • Act as the local authority during regulatory conversations and notifications, ensuring clients are well-positioned and well-represented.

External Presence, Brand, and Cross-Functional Collaboration

  • Represent Blackpanda at conferences, industry events, and roundtables in Hong Kong and the region to support marketing, brand, and pipeline.
  • Build a strong personal and firm reputation across the local cyber community through speaking, publishing, and thought leadership.
  • Partner with sales and the global response leadership team — providing technical insight in pre-sales and helping position Blackpanda's capabilities with precision.

Minimum Requirements

  • 8+ years of hands-on experience in cyber incident response, digital forensics, or threat intelligence, including substantial time in a client-facing consulting environment.
  • 3+ years leading or managing a response, DFIR, or security consulting team, with demonstrated ownership of hiring, mentoring, and performance.
  • Track record of leading complex, high-stakes incidents end-to-end — ransomware, BEC, nation-state intrusions, data exposure — including direct engagement with executives, legal, regulators, and insurers.
  • Strong technical foundations across enterprise networks, endpoints, and cloud (Windows, Linux, macOS, AWS / Azure / GCP).
  • Working fluency with the modern DFIR toolkit — EDR, SIEM, network forensics, and forensic suites (e.g. Splunk, ELK, SentinelOne, CrowdStrike, Velociraptor, X-Ways).
  • Precise, articulate communicator — able to translate complex technical findings into clear, strategic guidance for boardrooms, regulators, and war rooms alike.
  • Working knowledge of the Hong Kong regulatory environment and an informed view of the APAC threat landscape.
  • Cantonese fluency, with English fluent enough to communicate clearly with global leadership.
  • Calm, decisive presence under pressure, with proven judgment in ambiguous, high-stakes situations.

Preferred Qualifications

  • Certifications such as GCFA, GNFA, GREM, GCIH, OSCP, or equivalent.
  • Experience presenting at industry conferences and contributing public thought leadership.
  • Established network across Hong Kong's cyber, legal, regulatory, and insurance communities.
  • Mandarin, in addition to Cantonese and English.
  • Prior exposure to OT/ICS or critical infrastructure environments.

Benefits

  • Eligible for multiple company-sponsored SANS Institute course training and certifications
  • 40 total days available for leave, inclusive of public holidays, which you can take at the time of your choosing
  • 1 week of Work-From-Anywhere per quarter
  • 1 day per week of Work-From-Home (Friday), and manager discretion for other days
  • Two weeks of paid work travel per year to the company, Onsite and Offsite, in the Asia region

Why This Role

You will own Hong Kong: the team, the clients, the relationships, and the reputation — with the backing of a regional firm purpose-built for cyber crisis. We're not here to check boxes; what matters most is your judgment and the calm authority you bring when others look to you to follow. If you've led teams through real crises and want to build the leading local response practice in Hong Kong, we want to talk.

Apply once. Then go straight to the hiring manager.

After you apply, unlock the direct contact details of the people who actually make the call. A quick follow-up makes you 5x more likely to land an interview.

MR

Marcus Rivera

Chief Revenue Officer

m.rivera@company.com
linkedin.com/in/marcusrivera
Unlocked after you apply
·

Director of Global QA (Quality) Related jobs

Other jobs at Blackpanda

Premium

Reach out to the hiring manager directly.

Gain access to the contact details of the hiring managers who actually decide, and reach out to network with them directly. That, plus more when you upgrade:

  • Full match report with fit score and gaps
  • Career diagnostics on how recruiters read you
  • Curated company matches and warm intros
  • 48h early access to new roles

Cancel anytime.