Back to jobs
Consultant - Cybersecurity and IT Audit
- Posted 10 October 2023
- Salary Performance Bonus, 15 days AL, Certificate Allowance per month, Medical. etc
- LocationKowloon
- Job type Permanent
- Discipline Cyber Security
- ReferenceBH-5324
- Contact NameNicholas Ng
Job description
Responsibilities:
• Conduct vulnerability assessments across various platforms and technologies.
• Assess the security configurations of applications, cloud systems, infrastructure and networks, and middleware.
• Ensure adherence to relevant cybersecurity and information risk management regulations, standards, policies, and guidance such as PCI DSS, NIST, ISO 27K, and privacy regulations.
• Present risk management options to the business, and aid in the development of appropriate documentation that informs risk management decisions.
• Identify additional cybersecurity opportunities while working with clients.
• Provide regular guidance on threats.
• Stay updated on the latest cybersecurity threats, vulnerabilities, and regulatory requirements.
Requirements:
• Hold a degree in Computer Science, IT Management, Engineering, or a related field.
• Have at least 4 years of experience working directly with clients.
• Demonstrate at least 3 years of experience in Information Security, Application security review, Infrastructure and network security review, or Cloud security review.
• Be familiar with security technologies such as NGFW, IDS/IPS, EDR, SIEM, etc.
• Have proven experience in Cloud security and DevOps.
• Hold relevant qualifications and/or industry certifications such as PCIP, CISA, CISM, CISSP (at least one of these certifications is required).
• Possess strong analytical, problem-solving, and interpersonal skills that yield results.
• Be able to work independently and thrive under pressure.
• Exhibit excellent written and verbal communication skills in English and Cantonese, with Mandarin being an advantage.
• Be willing to travel overseas for certain projects.
• Possess additional certifications like PCI QSA and other Cloud certifications would be an advantage
• Conduct vulnerability assessments across various platforms and technologies.
• Assess the security configurations of applications, cloud systems, infrastructure and networks, and middleware.
• Ensure adherence to relevant cybersecurity and information risk management regulations, standards, policies, and guidance such as PCI DSS, NIST, ISO 27K, and privacy regulations.
• Present risk management options to the business, and aid in the development of appropriate documentation that informs risk management decisions.
• Identify additional cybersecurity opportunities while working with clients.
• Provide regular guidance on threats.
• Stay updated on the latest cybersecurity threats, vulnerabilities, and regulatory requirements.
Requirements:
• Hold a degree in Computer Science, IT Management, Engineering, or a related field.
• Have at least 4 years of experience working directly with clients.
• Demonstrate at least 3 years of experience in Information Security, Application security review, Infrastructure and network security review, or Cloud security review.
• Be familiar with security technologies such as NGFW, IDS/IPS, EDR, SIEM, etc.
• Have proven experience in Cloud security and DevOps.
• Hold relevant qualifications and/or industry certifications such as PCIP, CISA, CISM, CISSP (at least one of these certifications is required).
• Possess strong analytical, problem-solving, and interpersonal skills that yield results.
• Be able to work independently and thrive under pressure.
• Exhibit excellent written and verbal communication skills in English and Cantonese, with Mandarin being an advantage.
• Be willing to travel overseas for certain projects.
• Possess additional certifications like PCI QSA and other Cloud certifications would be an advantage