Manager / Associate Director - Cyber Security (FSI) - Technology Risk - Risk Advisory
About Deloitte China
Our professionals at Deloitte China provide a full range of audit & assurance, consulting, financial advisory, risk management and tax services, and work closely within Greater China, across Asia-Pacific and around the world to provide clients of every size with local experience and international expertise. We have considerable experience in China and are one of the leading professional services providers in this marketplace.
The Deloitte purpose is about making an impact that matters to our clients. Our extensive service spectrum enables us to help clients become leaders wherever they choose to compete. Deloitte is committed to investing in our people and empowers them to achieve more than they could elsewhere. Our work combines advice with action and integrity. We believe that when our clients and society are stronger, so are we.
To learn more about how Deloitte makes an impact that matters in the China marketplace, please connect with our Deloitte China social media platforms via www2.deloitte.com/cn/en/social-media . About Risk Advisory
Risk management covers many areas including security and privacy, reputation and control. Our professionals help clients across many industries flag, analyze, evaluate and manage strategic, technology, operational and fraud risks while discovering opportunities to create value. If you want to make an impact by helping clients to prevent and manage risk-related issues while creating significant value to their businesses this may be your chance to start a remarkable career.
Technology Risk team helps our clients to improve business confidence, manage and address technology risks, and to ensure that early warning mechanisms are in place through providing comprehensive technology risk consulting services to a broad range of businesses.
Our team in Hong Kong is rapidly growing. Due to client demand, we are looking for talents to join our high performing team. At Deloitte we view technology risk as primarily a business challenge. It take not only advanced technologies to mitigate technology risk, but also strong threat awareness, sound analytics capabilities, and solid preparedness to mount an effective response to crises; on the other hand, dependable governance processes are required to support strong leadership keeping organizations focused on what really matters.
In view of this, we deliver to our clients the full range of capabilities needed to build comprehensive technology risk programs, catering to all levels, from C-suite to technology operations. This broad reach enables us to offer the most informed, innovative advisory services. By joining us, you can be part of the forces developing next-gen technology risk solutions. Work you'll do:
Your role as leader:
- Lead / conduct regulatory compliance assessments for global and local financial institutions in meeting various regulatory requirements
- Provide strategic advice to our clients in design and implementation of governance, risk management, security to address the latest Fintech business and infrastructure development (e.g. (including permissioned blockchain adoption, Cloud Computing, Robotic Process & Cognitive Automation, Big Data, Machine Learning)
- Establish technology risk and cybersecurity governance framework for our clients including strategies, organizations, policies, processes, standards and guidelines, etc.
- Work with multi-level of our clients from C-level executives, senior and management staff to on-the-ground professionals
- Develop market offerings with security solution vendors, cloud providers, internal teams to deliver complex engagements both locally and overseas
- Support Director/Partner on opportunity to deliver sales cycle via identifying opportunities, responding to request to proposal, conveying our pragmatic solutions to client via presentations and meetings
- Provide guidance, coaching (i.e. internal training) and constructive feedback to team members
- Acts as a role model, embracing and living our purpose and values, and recognizing others for the impact they make
- Develops high-performing people and teams through challenging and meaningful opportunities
- Delivers exceptional client service; maximizes results and drives high performance from people while fostering collaboration across businesses and borders
- Influences clients, teams, and individuals positively, leading by example and establishing confident relationships with increasingly senior people
- Understands key objectives for clients and Deloitte, aligns people to objectives and sets priorities and direction
- Bachelor degree or above in Computer Science, Information and Communications Technology, Information Systems, Risk Management, or other related disciplines
- Professional qualifications holder will be an advantage: CISA, CISM, CISSP, CCSP or equivalent, is required
- At least 7 years of working experience in 3 or more of the following:
- HKMA regulatory compliance review (e.g. TM-G-1,TM-E-1, Outsourcing SA-2, CDP, CRAF, iCAST, and Insurance Authority'sGL20)
- Security assessment based on industry frameworkand standards (e.g. NIST-800, ISO27002)
- SWIFT CSCF assessment
- Cloud security assessment on SaaS solution(e.g. Bloomberg trade platform, Microsoft 365, Salesforce, Microsoft workday)
- Cloud security assessment for platform hosting(IaaS/PaaS) with AWS/Azure/GCP/Alicloud
- Practical experience on information/cybersecurity 1st line of defense in-house role in financial sector will be a plus
- Familiar with businesses and operational workflows in 3 or more of the following:
- front to end internet/mobile banking operationsfor retail banking
- front to end internet/mobile security tradingoperations
- front to end financial assets trading, clearingand settlement operations (e.g. bonds, commodity derivatives, exchange tradedfunds)
- front to end internet/mobile life insuranceoperations
- Solid knowledge of cloud solution, system architecture and security requirements of banking solution (e-banking applications, core banking system, ), operating system (UNIX, Linux, Windows, AS/400, etc.), database management systems (Oracle, SQL Server, Sybase, etc.) or network devices (router, switch, firewall, load balancer, intrusion detection and prevention system) is an advantage.
- Track record in delivering willing proposals, develop sustainable client relationship or client service excellence is highly preferred.
- Experience in leading and managing a team in completing assignments
- Strong consultation, reporting writing and communication skills with highly proficiency in both spoken and written English and Chinese (Cantonese); Mandarin would be an advantage.
- Candidates with less experience will be considered as Manager
Deloitte China refers to Deloitte Touche Tohmatsu in Hong Kong, Deloitte Touche Tohmatsu in Macau, Deloitte Touche Tohmatsu Certified Public Accountants LLP in the Chinese Mainland and their respective affiliates practising in Hong Kong, Macau and the Chinese Mainland.
Requisition code: CN171409