• About the Role:

  • The main purpose of this role is to manage and support the development and governance of in the global security programmers, initiatives and improvements. As a Senior Security Consultant you will be the main cyber security contact to your assigned domain areas where you will provide cyber security direction and guidance to all levels of all our team members.

  • Specifically, to support the development, implementation and maintenance of Information Security Risk Management. To examine systems and procedures to identify potential adverse events, including hardware and software crashes, physical disasters, malicious intruders, malware, denial of service attacks and employee misconduct.

Job requirements:

  1. Full-time college degree or above, major in computer software or related;

  2. Knowledge and experience of OA system, especially used for organizations with subsidiary in multiple regions.

  3. Understanding of software design, database principle.

  4. Experience in Microsoft Teams, SharePoint, and Modern desktop IT support are preferred.

  5. Experience of AWS based infrastructure maintenance will be a plus.

  6. Excellent interpersonal and communication skills, ability to work effectively with other internal users and external vendor.

  7. A logical and analytical approach to problem solving.

  8. Must be fluent in Mandarin and English in terms of written and verbal communication skills.

  9. Adhere to high-quality development principles while delivering solutions on-time and on-budget.

About Your Talents

  1. Strong knowledgeable of current advances in all areas of information technology concerning vulnerabilities, security breaches or malicious attacks

  2. Continuously evaluate/audit communication security, data vulnerability, business continuity and compliance risks

  3. Identify vulnerabilities or weaknesses in systems and processes

  4. Examine employee compliance with security controls and deficiencies

  5. Evaluate security policy, processes and procedures for completeness

  6. Ensure that controls are adequate to protect sensitive information systems

  7. Report to management on system vulnerability and protection against malware and hackers

  8. Clearly document and define risks and potential impacts along with the statistical probability of such an event and identify systems affected by the defined risk

  9. Provide mitigation/ damage reduction proposals with cost justification

  10. Assist in identifying breaches in Information Security or tracking the source of an unauthorized intrusion.

  11. Identify defensive steps to take, including necessary firewalls, security software and data encryption

  12. Recommend all infrastructure and applications patching and remediation be done

  13. Logging and coordinating the identified vulnerability management and tracking the remediation of risks associated with critical/sensitive information, systems, services and processes

  14. Working knowledge of Information Security Risk Management

  15. Proven experience in Information Security Risk Management processes

  16. Working knowledge of security frameworks/standards e.g. ISO 27001, COBIT or NIST Cybersecurity Framework

  17. Mentor and coach junior members of the team

  18. Certified in CRISC/CISSP/CISA/CISM/CGEIT

  19. At least 6 years of relevant experience in Information Security.

  20. Demonstrated strong technical skills and operational experience in the management, configuration and support across at least four of the below areas (on-premises or public cloud):

    1. Firewalls

    2. Vulnerability Management

    3. Email Security

    4. Identity and Access Management

    5. Endpoint Security (EPP and EDR)

    6. Key Management

    7. Web Application Firewalls

    8. Microsoft 365, Azure Security Centre, Azure, and relevant security best practices on these platforms.

Sounds like fun?

  • Drop files here or
    Max. file size: 50 MB.