Consultant - Cybersecurity and IT Audit

Posted 10 October 2023
Salary Performance Bonus, 15 days AL, Certificate Allowance per month, Medical, etc.
Job type Permanent
Discipline Cyber Security
Contact Name Nicholas Ng

Job description


• Conduct vulnerability assessments across various platforms and technologies.
• Assess the security configurations of applications, cloud systems, infrastructure and networks, and middleware.
• Ensure adherence to relevant cybersecurity and information risk management regulations, standards, policies, and guidance such as PCI DSS, NIST, ISO 27K, and privacy regulations.
• Present risk management options to the business, and aid in the development of appropriate documentation that informs risk management decisions.
• Identify additional cybersecurity opportunities while working with clients.
• Provide regular guidance on threats.
• Stay updated on the latest cybersecurity threats, vulnerabilities, and regulatory requirements.


• Hold a degree in Computer Science, IT Management, Engineering, or a related field.
• Have at least 4 years of experience working directly with clients.
• Demonstrate at least 3 years of experience in Information Security, Application security review, Infrastructure and network security review, or Cloud security review.
• Be familiar with security technologies such as NGFW, IDS/IPS, EDR, SIEM, etc.
• Have proven experience in Cloud security and DevOps.
• Hold relevant qualifications and/or industry certifications such as PCIP, CISA, CISM, CISSP (at least one of these certifications is required).
• Possess strong analytical, problem-solving, and interpersonal skills that yield results.
• Be able to work independently and thrive under pressure.
• Exhibit excellent written and verbal communication skills in English and Cantonese, with Mandarin being an advantage.
• Be willing to travel overseas for certain projects.
• Additional certifications such as PCI QSA and other Cloud certifications would be an advantage.