Advisory - Risk, Financial Services - Cyber Security - Senior / Staff Associates
Location: CN-Hong Kong-Hong Kong
Cyber threats, social media, massive data storage, privacy requirements and continuity of the business as usual require heavy information security measures. As an information security specialist, you will lead the implementation of security solutions for our clients and support the clients in their desire to protect the business. You will belong to an international connected team of specialists helping our clients with their most complex information security needs and contributing toward their business resilience. You will be working with our Advanced Security Centers to access the most sophisticated tools available to fight against cybercrime.
We will support you with career-long training and coaching to develop your skills. As EY is a global leading service provider in this space, you will be working with the best of the best in a collaborative environment. So whenever you join, however long you stay, the exceptional EY experience lasts a lifetime.
- Provide IT advisory services to FS client in APAC with a focus in Hong Kong, such as security transformation, Identity and Access Management (IAM), Cyber Threat Analytics and Management (CTM), Data Loss Prevention (DLP) and Resilience etc.
- Lead or participate in change management of system implementation project, with mangement experience of at least 3 team members management experience
- Handle projects with business process re-engineering experience
- Help our clients to design their cyber security strategy and roadmap, manage security project, conduct gap analysis, design process integration and conduct training & workshops; or from a technical perspective, to design client’s security architecture, implement and customize security solutions etc.
- Demonstrate and apply a thorough understanding of complex cyber security solutions and framework systems (including risk management and internal controls), use knowledge of the current business/IT environment and industry trends to identify the engagement and client service issues and communicate this information to the engagement team and client management through written correspondence and verbal presentations.
- Demonstrate and apply strong project management skills, inspire teamwork and responsibility with engagement team members and use current technology and tools to enhance the effectiveness of deliverables and services.
- Collaborate with other team members to develop service proposals, engagement documentation and reports
Qualifications, Education and Certification
To qualify, candidates must have:
- Bachelor's Degree in business, accounting, finance, computer science, information systems, engineering, or a related discipline and/or a professional certification e.g. CISSP, CISA, CISM, CBCP, PMP, ISO 27001/20000 leader auditor, BS25999 leader auditor, and ITIL V3 certification.
- A minimum of 3 - 5 years’ experience working on cyber security / risk or IT/operation/management consulting.
- Hands-on experience in applying relevant knowledge in at least one of the following engagements is an advantage: (a) Identity and Access Management (IAM) solution consulting and implementation; (b) Cyber Threat Analytics and Management (CTM) solution consulting and implementation; (c) Data Loss Prevention (DLP) solution consulting and implementation; (d) mobile security; (e) cloud security; (f) other security related areas.
- Good understanding of industrial practice in cyber security is an advantage.
- Strong project management skills.
- Strong communication skills and presentation skills.
- Demonstrated leadership and client services skills.
- Demonstrated integrity within a professional environment.
- Excellent command of written and spoken English and Chinese (Cantonese); Mandarin is an advantage
- Certified Information Security Manager (CISM)
- Certified Information System Auditor (CISA)
- Certified Information Systems Security Professional (CISSP)
- Project Management Professional (PMP)
- ITIL Practitioner Level
- C (Programming Language)
- Information Technology Infrastructure Library (ITIL)
- Internal Control
- IT Security
- Microsoft Access
- Project Management
- Risk Management