IT Security Consultant (1-year renewable contract)

Location: Hung Hom, Kowloon City District
Job Type: Contract
Posted: 30 days ago
Contact: Alice Tong
Discipline:
Reference: 197489_1566264837

  • Provides recommendations for new or modified policies, standards, and/or guidance documents based on changing technologies & security climate.
  • Stays abreast of existing and proposed security standard setting groups, and State and Federal legislation and regulations regarding security and governmental regulatory compliance related areas.
  • Recognizes and identifies potential areas where existing data security policies and procedures and/or guidance for compliance with governmental laws and regulations require change, or where new policy or guidance needs to be developed, especially regarding future business expansion.
  • Facilitates use of technology-based tools or methodologies to review, design and/or implement IT security products and services.
  • Designs and supports enterprise IT security solutions that may be comprised of hardware and software components.
  • Oversees security awareness programs and provides education on security policies and practices and/or provides training on guidance for compliance with governmental laws and regulations.
  • Develops content for security programs and global awareness communications.
  • Identifies security risks and exposures by participating in security reviews, evaluations and risk assessments.
  • Perform Risk Assessment of third party service provider arrangements.
  • Evaluate website vulnerabilities utilizing automated privacy or security scan tools and external vendor services scanning services
  • Serve as project manager / lead within IT security for small to medium-sized projects.
  • Prepare reports of key metrics for application security, information security, and/or compliance with governmental laws and regulations for presentation to management of all levels.
  • Design, develop, and recommend integrated identity and access management solutions
  • Provide technical systems integration services for the support of integrated identity management solution.
  • Interface with HR, compliance and privacy office teams to ensure consistent user identity management processes across the enterprise.
  • Designs, implements and maintains processes and procedures to ensure the security of data.
  • Conducts security assessments of systems and applications using penetration tests and risk assessment / mediation methodologies to evaluate vulnerabilities.
  • Develops techniques and procedures for conducting IS security risk assessments.
  • Monitors and maintains security databases for enterprise identity management / user provisioning



Qualification:-

  • Bachelor's degree in Computer Science, information Systems or related field, or equivalent work experience
  • Minimum 4-6 years of combined IT and security, audit, compliance related work experience
  • Strong analytical ability
  • Ability to negotiate and influence results without direct authority
  • Security, audit, or compliance certifications such as CISA, GSE, SANS, SOX or CISSP Certifications desired