Talent.com
你所在的国家不提供此工作机会。
Senior / Junior Information Security Consultant (Governance, Risk and Compliance)

Senior / Junior Information Security Consultant (Governance, Risk and Compliance)

Wizlynx GroupHong Kong
17 天前
职位描述

Job Summary and Mission

This position contributes to the success of wizlynx group by performing the following :

  • Responsible for development and operational activities across the entire scope of our clients Security Governance, Risk and Compliance programs.
  • The job encompasses leading and participating in the assessment of security, risks, and control effectiveness for applications, infrastructure, and technology projects. The Specialist will identify, classify, and document control issues in our clients computing environment by documenting assessment results, recommending corrective action, tracking remediation, evaluating policy and control standard exceptions, and regularly reporting to our clients IT management.
  • Serve as the primary contact point for issue escalation
  • Manage service support requirements and ensure that quality plan, KPIs / SLAs are met
  • Draft support SOP and documentation
  • Models and acts in accordance with wizlynx group guiding principles

With this position, you will also have the opportunity to get introduced to different areas of information and cyber security such as Offensive Security & Penetration Testing

Summary of Key Responsibilities

  • Leads IT control assessments for our clients to ensure effective IT controls are in place to meeting operational and compliance requirements.
  • Works with our clients IT, Internal Audit, Compliance and other key stakeholders to create an IT GRC strategy that complies with professional standards and addresses the IT risks inherent in our client’s operations and industry.
  • Develops Vendor Risk Management policies and supports client’s risk profile assessment for vendor on-boarding process and conducts annual review of critical vendors.
  • Performs ongoing logical access reviews and recommends updates to access control privileges to ensure proper Segregation of Duties based on user access reviews.
  • Effectively reports and communicates testing results to client’s IT management for corrective action, where required.
  • Conducts information security awareness training.
  • Performs evidence collection and project management assistance of our clients annual compliance (e.g. CREST, PCI DSS) certification program.
  • Track and monitor risk exceptions to ensure control deviations are identified and mitigating controls are in place.
  • Assist our clients with drafting and maintaining information security policies
  • Provides mentoring for other team members.
  • Demonstrates excellent project management skills, inspires teamwork and responsibility with engagement team members, and uses current technology / tools to enhance the effectiveness of deliverables and services.
  • Facilitates the performance and testing of our client’s annual disaster recovery tests and business continuity plans.

    • Summary of Ideal Experience, Skills, Knowledge, and Abilities

    Ideal Experience

    a) Senior GRC role :

    A minimum of five years of experience in information security audit or in a technology-related audit or compliance field, and strong knowledge base in operations, enterprise networking, system evaluation / architecture and consulting experience preferred.

    b) Junior GRC role :

    One to two years of experience in information security audit or in a technology-related audit or compliance field, and strong knowledge base in operations, enterprise networking, system evaluation / architecture and consulting experience preferred.

  • Strong understanding of and ability to provide security configuration and testing of networking and operating systems including TCP / IP, WAN / LAN routing, VLAN architecture, and a wide array of large-scale environments including various major web application servers
  • Strong understanding of information security principles such as ISO 27001, HKMA CFI, CRAF, HK SFC, HKIA Guideline on Cybersecurity (GL20), PCI-DSS, PDPO, and other regulatory compliance

    • Language Skills

  • Fluent technical English (speech and writing)
  • Ability to communicate clearly and concisely, both orally and in writing, in local language

    • Soft Skills

  • Excellent team leadership, team oriented and team player who takes ownership
  • Flexible attitude, reliable, action oriented
  • Customer friendly approach and appearance
  • Willingness to travel
  • Innovative to push new ideas, dynamic and forward looking with clear management principle towards the team
  • Able to work independently, critical thinking and be able to communicate effectively with the support team and customers
  • Enjoys working in global team with different cultures

    • Technical Skills and Abilities

  • Microsoft OS and Office knowledge
  • Technical document writing
  • Experience in Project Management in IT
  • Knowledge in perimeter firewall infrastructure and VPN remote access

    • Summary of Education

  • Bachelor's degree from an accredited college / university in an appropriate field

    • Certifications / Training

  • CISM, CISA, CRISC, CISSP certified

    • KEY PERFORMANCE INDICATORS / MEASURES OF SUCCESS

  • Achieve agreed targets / SLA / KPI in terms of quality, time and cost
  • Lead team members to achieve team / organizational goals
  • Improve and retain high customer satisfaction

    • POTENTIAL CAREER DEVELOPMENT

  • Advance to higher business development tiers or geographic reach
    • 为此搜索创建职位提醒

    Information Security • Hong Kong

    相关职位
    Senior Manager, Risk and Compliance (HSIL)

    Senior Manager, Risk and Compliance (HSIL)

    Hang Seng BankHong Kong
    Hang Seng Indexes Company Limited.Hang Seng Indexes Company Limited (HSIL), a wholly-owned subsidiary of Hang Seng Bank, is the leading index provider for the Hong Kong and mainland China markets.W...展示更多上次更新时间:30 天前
    Senior Compliance Consultant

    Senior Compliance Consultant

    Compliance Consulting LimitedHong Kong
    Compliance Consulting Limited .Hong Kong, offering regulatory and compliance advisory services to financial intermediaries. Our clients include brokerage houses, futures trading companies, corporate...展示更多上次更新时间:30 天前
    Consultant / Senior Consultant, Financial Risk Management (Market Risk)

    Consultant / Senior Consultant, Financial Risk Management (Market Risk)

    KPMGHong Kong
    KPMG China provides multidisciplinary services from audit and tax to advisory, with a strong focus on serving our clients’ needs and their industries. Not only do we have an overriding commitment to...展示更多上次更新时间:30 天前
    Senior Manager, IT Governance and Architecture

    Senior Manager, IT Governance and Architecture

    West KowloonHong Kong
    The West Kowloon Cultural District Authority welcomes exceptional talent with a passion to realise the vision and mission of making the West Kowloon Cultural District a prime local and internationa...展示更多最后更新时间: 17天前
    Manager to Specialist, Governance & IT Risk (Cybersecurity)

    Manager to Specialist, Governance & IT Risk (Cybersecurity)

    CaptiareHong Kong
    My client is seeking a group of highly skilled Governance, Risk, and Compliance (GRC) professionals, from Manager to Specialist, to become cybersecurity team. The ideal candidate(s) will be responsi...展示更多最后更新时间: 17天前
    Associate Director, Data Security and Compliance

    Associate Director, Data Security and Compliance

    ManulifeHong Kong
    Associate Director, Data Security and Compliance.The Asia Data Office (ADO) is a team of data professionals dedicated to enabling data as a strategic asset to drive business outcomes across Asia an...展示更多最后更新:1 天前
    Senior Group Manager, Distribution Risk and Governance

    Senior Group Manager, Distribution Risk and Governance

    Prudential plcHong Kong
    Prudential’s purpose is to be partners for every life and protectors for every future.Our purpose encourages everything we do by creating a culture in which diversity is celebrated and inclusion as...展示更多最后更新时间: 17天前
    Officer (Risk Management and Compliance)

    Officer (Risk Management and Compliance)

    HONG KONG MONETARY AUTHORITYHong Kong
    The Hong Kong Monetary Authority (HKMA) is charged with the responsibility for maintaining the stability and integrity of the monetary and financial systems of Hong Kong. There is now an excellent o...展示更多上次更新时间:30 天前
    Consultant (Resilience, Security & Risk – Electronic Security Systems)

    Consultant (Resilience, Security & Risk – Electronic Security Systems)

    ArupHong Kong
    Arup’s purpose, shared values and collaborative approach has set us apart for over 75 years, guiding how we shape a better world. Demonstrate understanding of the security market place.Assist the pl...展示更多上次更新时间:30 天前
    • 新!
    Senior Associates (Compliance & Risk Management)

    Senior Associates (Compliance & Risk Management)

    Talent Fields Hong Kong Company LimitedHong Kong
    Key Responsibilities s Achievements.Conducted forensic audits and financial crime investigations, including fraud, money laundering, and regulatory breaches. Analyzed financial statements, transacti...展示更多最后更新时间: 17小时前
    FSO - Assurance - Audit - Technology Risk - Senior / Staff Accountant - Hong Kong

    FSO - Assurance - Audit - Technology Risk - Senior / Staff Accountant - Hong Kong

    EYHong Kong, Hong Kong / 香港特别行政区, CN
    FSO - Assurance - Audit - Technology Risk - Senior / Staff Accountant - Hong Kong.Technology compliance, licensing, governance setup, massive data storage and related privacy security, virtual asset ...展示更多上次更新时间:30 天前
    Technology Risk Manager (Information Security Control Division)

    Technology Risk Manager (Information Security Control Division)

    Bank Of China (Hong Kong) LimitedHong Kong
    Drive security assessments of third-party vendor focusing onpliance with regulations,pany policies, and internal controls. Oversee information security risk management processes for onboarding and o...展示更多最后更新时间: 11天前
    Senior Security Consultant

    Senior Security Consultant

    LenovoHong Kong, Hong Kong
    Conduct comprehensive risk and control assessments to identify, evaluate, monitor, and mitigate risks across IT systems, applications, and network operations. Conduct red / purple team operation and p...展示更多最后更新时间: 17天前
    Senior Manager, Cybersecurity

    Senior Manager, Cybersecurity

    Tahoe Life Insurance Company LimitedHong Kong
    The Senior Manager, Cybersecurity is responsible for establishing, maintaining, and continuously improving the company's information security framework to protect critical systems, data, and digita...展示更多上次更新时间:30 天前
    Global Security GRC Analyst (Governance, Risk, and Compliance)

    Global Security GRC Analyst (Governance, Risk, and Compliance)

    DentonsHong Kong
    We are driven to always be the firm of the future, to challenge the status quo, and to provide holistic business solutions to our clients in new and innovative ways. We are the world's largest globa...展示更多最后更新时间: 17天前
    Governance, Risk & Compliance Manager

    Governance, Risk & Compliance Manager

    Delivery HeroHong Kong, HK
    Implement the risk management and internal control framework defined by the Group within the organisation including identifying, analysing, evaluating, mitigating and monitoring of risks for HongKo...展示更多上次更新时间:30 天前
    Consultant / Senior Consultant - Risk & Regulatory Compliance (SFC)

    Consultant / Senior Consultant - Risk & Regulatory Compliance (SFC)

    Sia PartnersHong Kong, Hong Kong
    We are currently looking for a Senior Risk & Regulatory Compliance consultant from a Financial Services industry background (ideally with Management Consulting experience) to join our team in Hong ...展示更多最后更新时间: 28天前
    AVP, Risk Governance

    AVP, Risk Governance

    CitiHong Kong
    And we've been doing it for more than 200 years.We do this through our unparalleled global network.We provide a broad range of financial services and products to our clients - whether they be consu...展示更多最后更新时间: 17天前