*Support Cybersecurity engagements , including security strategy, policy and architecture, information privacy and governance, certification and compliance, business and technology resilience and security testing.
*Deliver Cybersecurity Maturity Assessments and Cybersecurity Control Gap Remediation (covering the design and implementation of controls to address the people, process and technology risks) projects.
*Perform Cybersecurity Maturity Assessments by assessing cyber risk factors across 6 functional domains -Leadership & Governance, Human Factors, Information Risk Management, Business Continuity, Technology & Operations, Legal & Compliance.
*Assess the IT architecture -application, database, operating system, hardware platforms (including web and mobile) and network infrastructure -for vulnerabilities to cyber-attacks.
*Communicate technical issues in business terms and deliver value using a pragmatic approach to the technical components of Cybersecurity.
*Design and implement processes for Identity & Access Controls, Cyber Incident Management, Intrusion Detection, Threat Intelligence, Cyber Data Analytics, Security Monitoring, etc.
*Assist in continuously enhancing the existing cyber assessment methodologies.
*Remain up-to-date on the latest cybersecurity threats, vulnerabilities and regulatory requirements.
*Build and maintain relationships with existing and prospective clients, and develop / improve your network of business contacts.
*Assist with scoping prospective engagements and developing proposals.
Qualifications and Skills:
*Professionally qualified preferred (e.g CISSP, CRISC, CISA, CISM, PMP or other relevant qualifications)
*Any degree in technology, engineering, or business studies with information systems major/minor from an accredited college / university along with deep interest in technology risk, security and IT governance will be considered
*Excellent written and verbal communication skills in English and Chinese (Mandarin or Cantonese)
*Strong interpersonal skills with a demonstrated ability to gain the confidence and respect of senior level executives
*Strong client services orientation and accustomed to taking an active role in executing client engagements
*Strong analytical skills and the ability to develop thought leadership publications
Experience:
*Minimum 5 years of relevant experience
*Strong knowledge of enterprise technologies, especially networking principles and internet-based technologies, with self-motivated learning ability
*Strong knowledge of internet application security, including common internet application vulnerabilities and network architecture to support internet applications
*Strong knowledge base in operations, enterprise networking, operating systems and database security evaluation and architecture
*Knowledge of IT security vendor products is an advantage
*Experience in financial services is preferred
Argyll Scott Asia is acting as an Employment Agency in relation to this vacancy.
