Deloitte Touche Tohmatsu

Associate Director/Manager/Senior Consultant/Analyst - Technology Risks - Risk Advisory (HK)

Deloitte Touche Tohmatsu
Full Time
Junior (less than 3 years)
English, Cantonese, Mandarin (Putonghua)

Job Description

Associate Director/Manager/Senior Consultant/Analyst - Technology Risks - Risk Advisory (HK)

Location: 香港特别行政区, Southern China

Deloitte brings world-class capabilities and high-quality service to clients, delivering the insights they need to address their most complex business challenges. We are one of the leading professional services providers with 22 offices and nearly 13,500 people in Greater China, including: Beijing, Hong Kong, Shanghai, Taipei, Chengdu, Chongqing, Dalian, Guangzhou, Hangzhou, Harbin, Hsinchu, Jinan, Kaohsiung, Macau, Nanjing, Shenzhen, Suzhou, Taichung, Tainan, Tianjin, Wuhan and Xiamen.

Our Risk Advisory practice is rapidly expanding its Technology Risks Team in the Greater China Region. Joining our Risk Advisory practice, you will act as one of our trained team members and work with our professional teams in the region, helping our global clients in managing governance, risk and control through technology. We are looking for the professionals in joining our team who have the relevant experience and sufficient exposure in helping our clients optimizing their business needs and strategy through technology.

Job Description and Responsibilities:

  • Provide security consulting and implementation services to clients in the areas of IT infrastructure security, information security governance, data protection, ethical hacking, vulnerability management, etc.

General Requirements:

  • University graduates or above in Computer Science, Information Technology or related disciplines;
  • Minimum 1-8 years of experience in IT audit, IT controls, security consulting, IT implementation or software development in the required discipline;
  • Holder of certifications such as CISSP, CEH, CCSK, CCNA, CCFP, CHFI, CISA, CISM, PMP, PgMP, Prince2, CISA, CPA, CIA SAS, SPSS, Java, SAP, Oracle and/or other related certifications is an advantage; Experienced in leading and coaching team members is an advantage;
  • Good communication and presentation skills;
  • Sound experiences in coordinating resources;
  • Good command of spoken and written English and Chinese.  Mandarin is an advantage;
  • Flexibility in traveling.

Other Technical Requirements:

  • Solid consulting/implementation project experiences for any two of the following solutions:
    • Log Management, and Security Information and Event Management;
    • Data Loss Prevention;
    • Governance, Risk and Compliance;
    • Identity and Access Management;
    • Mobile Device Management and Near Field Communication;
    • Vulnerability Assessments, Penetration Testing, Ethical Hacking;
  • Knowledge of operating systems (UNIX, Linux, Windows, AS/400, Mac OSX),  database management systems (Oracle, SQL Server, Sybase, etc.) or network devices (router, hub, firewall, switch, intrusion detection and prevention system) is an advantage;
  • Possess programming skills of mobile, web / cloud applications in Java, JavaScript, .NET, C++, C#, etc. is an advantage;
  • Experience in applying various security and IT management standards, such as ISO27001, ITIL, COBIT, etc. is an advantage;
  • Experience with VBScript is an advantage;
  • Consulting experience of Data Governance, risk rating calculation and modeling, regulatory compliance experience on ISO27001/PCI-DSS, IAM architect or Identity Assertion Provider is a plus.

Professional Qualifications

  • Certified Information Security Manager (CISM)
  • Certified Information System Auditor (CISA)
  • Certified Information Systems Security Professional (CISSP)
  • Certified Public Accountant (HKICPA)
  • Cisco Certified Network Associate (CCNA)
  • Program Management Professional (PgMP)
  • Project Management Professional (PMP)
  • Certified Internal Auditor
  • Certified Ethical Hacker (CEH)
  • ITIL Practitioner Level
  • PRINCE2 Foundation

Technical Skills

  • .NET
  • Audit
  • C (Programming Language)
  • C#
  • C++
  • Compliance
  • Computer Programming
  • Database Administration
  • Information Security
  • Information Technology Infrastructure Library (ITIL)
  • IT Audit
  • Java
  • JavaScript
  • Linux
  • Mac OSX
  • Microsoft Access
  • Microsoft SQL Server
  • SAP
  • SAP Sybase
  • SAS (Statistical Software)
  • Software Development
  • SQL
  • UNIX