Consulting - Cyber Security - Cyber Threat Management - Manager/ Senior Manager - Hong Kong

Consulting – Cyber Security – Cyber Threat Management – Manager/ Senior Manager – Hong Kong

The opportunity

Cyber threats, social media, massive data storage, privacy requirements and continuity of the service as usual require heavy information security measures. As a cyber security professional, you will help lead the implementation of security solutions for EY clients and support the clients in their desire to protect the business. You will belong to an international connected team of professionals helping EY clients with their most complex information security needs and contributing toward their business resilience. You will be working with EY Advanced Security Centers to access the most sophisticated tools available to fight against cybercrime.

We will support you with career-long training and coaching to develop your skills. as the global EY network is a leading service provider in this space, you will be working with the leading collaborative environment. So whenever you join, however long you stay, the exceptional EY experience lasts a lifetime.

You Key Responsibilities

• Take Lead in Cyber Security engagements with a focus on Penetration Testing, Red Team Assessment and Security Testing
• Work effectively as a team lead, sharing responsibility, providing support, maintaining communication and updating team members on progress
• Help prepare reports and schedules that will be delivered to clients and other parties
• Develop and maintain productive working relationships with client personnel
• Build strong internal relationships within EY Consulting Services and with other service lines across the organization

Skills and attributes for success

As a Senior Manager or Manger in the Cyber Security Team, you will contribute technically to client engagements and services development activities. An important part of your role will be to actively establish, maintain and strengthen client’s relationships. You will also identify potential business opportunities for the EY organization within existing engagements and escalate these as appropriate. Similarly, you will anticipate and identify risks within engagements and share any issues with senior members of the team.

In line with EY commitment to quality, you will confirm that work is of high quality and is reviewed by the next-level reviewer. As an influential member of the team, you will help to create a positive learning culture, coach and counsel junior team members and help them to develop.

To qualify for the role you must have

• A broad appreciation of business processes, data structures, IT applications and infrastructure, IT processes, and governance and internal control principles
• Infrastructure Information systems security assessment, design, architecture, implementation, management and reporting
• Strong technical or security skills related to a broad range of operating systems, databases or security tools, e.g., UNIX, Linux, Windows 2000 and NT, firewalls and IDS systems
• Experience of security testing methods and techniques including network, operating and application system configuration review and internal/external penetration testing
• Experience of manual attack and penetration testing above and beyond the running of automated tools
• Experience in developing custom scripts or programs (used for port scanning and vulnerability identification)
• Applications
• An understanding of web-based application vulnerabilities and experience in application security review and testing
• An understanding of mobile application vulnerabilities and experience in mobile application security review and testing
• Familiarity with security standards reference such as OWASP, SANS, NIST
• Understanding of secure development practice and framework

To qualify for the role you must have 

• Bachelor's Degree in Computer Science, Information Technology or related disciplines
• 6 to 12 years of related work experience
• Sound knowledge and experience in using different hacking tools to perform foot printing, enumeration and exploitation of system infrastructure, web and mobile applications.
• Knowledge and experience in web or mobile application programming and security code review is desirable
• Excellent written and verbal communication skills in English, Cantonese or Mandarin 
• Related qualifications and/or industry certifications such as GPEN, GXPN, OSCP, OSCE, OSEE. GWAPT, OSWE, CREST and CCT

What we offer 

We offer a competitive compensation package where you’ll be rewarded based on your performance and recognized for the value you bring to our business: 

• Continuous learning: You’ll develop the mindset and skills to navigate whatever comes next. 
• Success as defined by you: We’ll provide the tools and flexibility, so you can make a meaningful impact, your way. 
• Transformative leadership: We’ll give you the insights, coaching and confidence to be the leader the world needs. 
• Diverse and inclusive culture: You’ll be embraced for who you are and empowered to use your voice to help others find theirs. 
• Modern working environment and equipment, fostering mobile working flexibility 
• Acquire a fully accredited corporate MBA (EY Tech MBA) whilst working with EY, completely free 

If you can demonstrate that you meet the criteria above, please contact us as soon as possible.