- Internal Control
- IT Security
Advisory - Risk - Cyber Security - Manager/Senior Associate (OSCP, SIEM, Policy framework, Research, Cyber Analytics)
Location: CN-Hong Kong-Hong Kong
As a Manager/Senior Consultant in the Cyber Security Team, you will contribute technically to client engagements and services development activities. An important part of your role will be to actively establish, maintain and strengthen client’s relationships. You will also identify potential business opportunities for EY within existing engagements, and escalate these as appropriate. Similarly, you will anticipate and identify risks within engagements and share any issues with senior members of the team.
In line with EY commitment to quality, you will confirm that work is of high quality and is reviewed by the next-level reviewer. As an influential member of the team, you will help to create a positive learning culture, coach and counsel junior team members and help them to develop.
Your key responsibilities
- Participate in Cyber Security engagements with a focus on Penetration Testing, Red Team Assessment and Security Testing
- Work effectively as a team member, sharing responsibility, providing support, maintaining communication and updating senior team members on progress
- Help prepare reports and schedules that will be delivered to clients and other parties
- Develop and maintain productive working relationships with client personnel
- Build strong internal relationships within EY Advisory Services and with other service lines across the organization
To qualify for the role you must have
Technical skills requirements
- A broad appreciation of business processes, data structures, IT applications and infrastructure, IT processes, and governance and internal control principles
- Infrastructure Information systems security assessment, design, architecture, implementation, management and reporting
- Strong technical or security skills related to a broad range of operating systems, databases or security tools, e.g., UNIX, Linux, Windows 2000 and NT, firewalls and IDS systems
- Experience with programming languages such as Java, C, C++, C#, asp, and .NET
- Experience of security testing methods and techniques including network, operating and application system configuration review and internal/external penetration testing
- Experience of manual attack and penetration testing above and beyond the running of automated tools
- Experience in developing custom scripts or programs (used for port scanning and vulnerability identification)
- An understanding of web based application vulnerabilities and experience in application security review and testing
- An understanding of mobile application vulnerabilities and experience in mobile application security review and testing
- Familiarity with security standards reference such as OWASP, SANS, NIST
- Understanding of secure development practice and framework
Ideally, you’ll also have
- Bachelor's Degree in Computer Science, Information Technology or related disciplines
- Sound knowledge and experience in using different hacking tools to perform foot printing, enumeration and exploitation of system infrastructure, web and mobile applications.
- Knowledge and experience in web or mobile application programming and security code review is desirable
- Good command of written and spoken English
- Related qualifications and/or industry certifications such as GPEN, GXPN, OSCE, OSEE. GWAPT, OSWE and CCT
What working at EY offers
- Support, coaching and feedback from some of the most engaging colleagues around
- Opportunities to develop new skills and progress your career
- The freedom and flexibility to handle your role in a way that’s right for you
As a global leader in assurance, tax, transaction and advisory services, we’re using the finance products, expertise and systems we’ve developed to build a better working world. That starts with a culture that believes in giving you the training, opportunities and creative freedom to make things better. Whenever you join, however long you stay, the exceptional EY experience lasts a lifetime. And with a commitment to hiring and developing the most passionate people, we’ll make our ambition to be the best employer by 2020 a reality.
If you can confidently demonstrate that you meet the criteria above, please contact us as soon as possible.
Join us in building a better working world.