Our Client, a Prominent Conglomerate, is seeking a Cyber Security Assistant Manager. This position is tasked with identifying, assessing, evaluating, and monitoring digital security risks to improve the organization’s (including subsidiaries) overall security posture during its digital transformation. Additionally, the role will oversee the Attack Surface Management (ASM), TVM, and Red Team Attack Simulation Service Line across all divisions.
Responsibilities:
Communicate test results effectively to both technical and non-technical stakeholders, ensuring understanding and proper follow-up, while tracking remediation efforts with various business units.
Lead and coordinate Red Team exercises to assess the organization’s security defense capabilities, providing detailed reports and updates on findings and improvement measures.
Develop and implement mitigation controls with business units to address emerging digital risks, such as enabling Web Application Firewalls (WAF). Define security requirements for digital applications, coordinate security risk assessments for non-standard digital solutions (e.g., vendor SaaS), and ensure security requirements are integrated into the development lifecycle.
Foster a risk-based environment, contribute to the overall risk management process and promote a strong risk-aware culture by delivering digital risk awareness programs and training for stakeholders.
Oversee regular penetration tests and vulnerability scans for existing web and mobile applications, and manage go-live penetration testing for new applications across the organization.
Create and maintain a risk register for digital assets, ensuring all identified risks are mitigated. Develop a digital risks reporting dashboard to highlight related risks to business units and senior management.
Stay informed about emerging security threats, vulnerabilities, and digital and application security trends, and implement countermeasures to address new threats.
Requirements:
A Bachelor’s degree in Information Security Management, Computer Science and Technology, Network and Telecommunication, or Information Systems Management.
Hands-on expertise in digital and application security, focusing on conducting comprehensive penetration tests and thorough vulnerability scans to identify, assess, and mitigate security risks effectively.
In-depth knowledge of Red Teaming methodologies, approaches, and tools, with a thorough understanding of adversarial simulation techniques to rigorously test and enhance the organization’s security defenses.
Strong understanding of Attack Surface Management (ASM) platforms, with the ability to effectively utilize these tools to continuously identify, monitor, and mitigate potential vulnerabilities across the digital footprint.
Comprehensive knowledge of Web Application Firewalls (WAF), including their deployment, to protect web applications from common threats and vulnerabilities.
A minimum of 5 years' experience in information security/cybersecurity, with at least 3 years focused on digital security, vulnerability management, and penetration testing.
Preferred professional certifications such as CISSP, OSCP, OSWE, GPEN, or GWAPT.
Excellent verbal and written communication skills in English, Putonghua, and Cantonese.
If this outstanding opportunity sounds like your next career move, please submit through "Apply Now" or send your resume in Word format to Hanson Tsien at resume@pinpointasia.com and put Red Team Assistant Manager (In-house) - Prominent Conglomerate in the subject header.
Data provided is for recruitment purposes only.