Cybersecurity Specialist – Financial Services Consulting
Hong Kong, Hong Kong
Full Time
6 hours ago
No H1B
Key skills
Cyber SecurityBlockchainCommunicationOWASPPenetration Testing
About this role
Role Overview
- Provide expert advice on security frameworks and best practices
- Develop and implement cybersecurity strategies tailored to financial institutes and collaborate with clients to enhance their cyber security posture and compliance with regulations
- Conduct risk assessments, vulnerability analyses, penetration testing and/or attack simulation to identify potential threats
- Monitor and respond to security incidents, ensuring rapid remediation
- Stay updated on emerging threats, technologies, and regulatory changes
- Conduct training and awareness programs for clients and internal teams
- Prepare and present reports on cyber security status and improvements
- Conduct detailed penetration tests and vulnerability assessments across various IT systems within financial institutions, including but not limited to systems handling virtual assets
- Develop security testing plans that are tailored not only to traditional financial systems but also to emerging technologies associated with virtual assets, such as blockchain
- Collaborate with clients to assess and enhance their cybersecurity measures, with a particular focus on technologies involved in the management and transaction of virtual assets
- Perform IT and security assessments based on regulatory requirements from bodies such as HKMA, SFC etc., ensuring compliance while addressing specific security concerns
- Engage directly with client stakeholders, providing clear communication regarding security vulnerabilities, implications, and strategic recommendations
- Maintain up-to-date knowledge of the latest cybersecurity threats, regulatory changes, and advancements in technology impacting both traditional financial services and the virtual assets sector
Requirements
- A bachelor’s degree in Information Systems, Computer Science, Engineering, or a related field
- 2-5 years of experience in cybersecurity, advantage with specific expertise in penetration testing and/ or simulation attacks
- Experience with Big4 or similar consulting firms
- Experience in virtual assets, blockchain technology, or related fields is highly preferred
- Relevant industry certification such as CISM, CISSP
- Additional certifications in cybersecurity or blockchain technology, such as OSCP, OSCE, OSEE, GPEN, CREST, are advantageous
- Demonstrated ability to think analytically and solve complex problems
- Excellent interpersonal and communication skills, capable of engaging effectively with both technical and non-technical stakeholders
- Proficiency in English; fluency in Cantonese and Putonghua is highly preferred
- Advanced skills in report writing and the creation of professional, insightful presentations and reports
- Familiar with security standard references such as OWASP, SANS, NIST
- Knowledge and experience of security testing methods and techniques, including network, operating system and application system configuration review and internal/external penetration testing
- Knowledge and experience in web and mobile application security review and testing are desirable
Tech Stack
- Cyber Security
Benefits
- medical and dental insurance
- life insurance
- a 5-day working week
- discretionary performance bonus
- birthday leave
- marriage leave