top of page

Regional Cybersecurity Assurance (Leading Investment Bank)

Infrastructure & Cloud

12 September 2023

Hong Kong

Our client, one of the leading investment banks in Hong Kong, is now keen to meet with and hire a strong Cybersecurity Assurance expert to join their team and help cover the cybersecurity and security assurance of the bank's IT, systems, infrastructure, processes, etc. across the APAC region.

This is an excellent opportunity and great exposure. Candidates with security consultancy / "Big 4" backgrounds are welcome to apply.

Responsibilities:


  • Develop and implement security controls to protect the Bank's IT, data, and assets.

  • Execute and conduct security assessments and assurance for technology, systems, infrastructure, and processes.

  • Analyse security risks, identify vulnerabilities and propose strategies to mitigate and protect against the above security risks.

  • Manage external third parties to perform security assessments: vulnerability scanning, penetration testing, and technical and security architecture assessments.

  • Liaise and work closely with internal and cross-functional teams to ensure compliance with security standards, policies, and regulations; including building strong partnerships with senior stakeholders, Group / Regional teams, vendors, external parties, etc.

Requirements:


  • At least 7+ years' experience in Cybersecurity Assurance and Testing

  • Banking and Financial experience working with SFC in Hong Kong and/or MAS in Singapore would be a plus (not a must).

  • Proven track record leading and conducting security control assessments and risk analysis using security tools such as vulnerability scanners, SIEM, intrusion detection, etc.

  • Strong experience coming from infrastructure or application development / SDLC. Cloud security knowledge is a definite advantage.

  • Excellent communication and interpersonal skills in English and Cantonese (a plus).

  • Bachelor's degree in Computer Science, IT, or Information Systems (or related).

  • Professional certifications in CISSP, CCSP, CISA, and/or cloud-related qualifications are a definite advantage.


bottom of page