The Information Technology Group (ITG) is responsible for:
• managing the company’s technology infrastructure
• supporting, maintaining and enhancing existing business systems
• delivering and deploying new systems, technologies and services
The Information Risk Management team (iRisk) has global accountability for identification, mitigation, monitoring and reporting of information risk throughout the company and reports to the Chief Information Officer.
The company’s business expansion has resulted in a requirement to bolster the existing team to improve the service that iRisk provides to our businesses & ITG teams around the world.
We are looking to recruit an experienced technical security consultant. The role will require the successful applicant to provide security risk assessment and consulting services to the business and participate in the global consulting team. This role reports to the Head of Risk Consulting based in Sydney, Australia. The Consulting team is a ‘chargeable business’, providing value-add security SME consulting services to the business.
Key responsibilities
This position will be part of the Security Consulting team, comprised of technology risk experts delivering group-wide security and risk consulting services. Consultants in the team manage the pipeline of work from their aligned client base, deliver to engagements, report issues and recommendations for management follow-up, and manage client relationships.
Key responsibilities include:
• Deliver effective and responsive consulting services on all aspects of enterprise information security risks to ITG
• Provide consulting to projects during the analysis, design and build phases of projects, such that the solution designs being deployed meet minimum standards and are aligned to ITG strategy. Assess security adequacy of architecture & design of applications / infrastructure solutions
• Participate in 3rd party due diligence assessment activities and provide recommendations to management
• Identify and assess key IT and business risks and recommend appropriate and practical treatment plans
• Ensure that critical IT risk issues identified are reviewed by and communicated to appropriate levels of the company’s leadership
• Build and maintain productive, collaborative relationships with stakeholders in ITG and the business
• Maintain an adequate pipeline of work to meet the team’s budget and chargeability targets
• Work constructively and collaboratively with colleagues in peer teams within iRisk
The successful candidate will have proven experience and knowledge of technical security risk assessment, including the following:
• Detailed knowledge of technical security concepts and their practical application
• Experience in technical security risk assessment - across enterprise infrastructure, web technology and applications platforms
• Experience in security architecture design and review - across enterprise infrastructure, web technology and applications platforms
• Understanding of current and emerging security technologies, security threats and trends
• Knowledge of industry security risk assessment methodologies and standards and applying them in a large enterprise environment - e.g. ISO 2700x, AS4360
• Knowledge and understanding of legislative and regulatory requirements relating to banking and finance IT.
The following characteristics are considered essential for the role:
• A strong, self-confident, dynamic character, capable of dealing effectively with colleagues and business users working in a constantly evolving environment
• Ability to gather written and verbal information from multiple sources, assess and consolidate risks, and provide appropriate recommendations
• Good relationship and collaboration skills within a team as well as with ITG colleagues, external service providers and business partners
• Comfortable working as part of a global team across geographies, cultures and time-zones
• Ability to remain calm under pressure and when faced with adversity or urgent issues
• Focused on business enablement whilst being able to reach balanced judgements and apply excellent communication skills
• Able to handle multiple tasks and prioritise effectively
• Enthusiastic and creative, an inquisitive nature with an attention to detail, yet able to think outside the box and consider the big picture
• Ability to influence and educate stakeholders and management regarding appropriate security and IT risk management
• Commitment to maintaining their personal development to ensure they continue to add value to the company
He/she should be self-motivated, a self-learner, customer oriented, resourceful, pragmatic, proactive, passionate about technology and should welcome a challenge in the context of an exciting and leading-edge information technology team.
Minimum required experience:
• Significant experience in technical security risk assessment in a consulting capacity
• Proven ability to deliver end to end security / risk assessment services
• Excellent analytical and problem-solving skills
• Financial services experience
Qualifications/Certifications:
• University degree in computer science or engineering, or equivalent
• Technical security certifications including platform/infrastructure-specific certifications, e.g. CISSP, GIAC, CCNA
• Risk management certifications (preferred, not mandatory), e.g. CISA, CISM, SABSA