Cyber Security Risk Manager/AM(Red Team)45-70K+bonus

Your new company
Leading Regional Retail Conglomerate

Your new role

Plan and execute periodic in-house and external red-team exercises of the company, and oversee the implementation of rectification measures.
Evaluate existing cyber defences against MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) Framework.
Perform per-launch penetration testing exchange-related systems, products and applications upon request.
Monitor and analyse emerging cyber threat of the company, having regard to cyber intelligence and threat landscape related to relevant Group entities.
Escalate major cyber risks to senior management and relevant stakeholders in a timely manner, and coordinate measures for addressing the risk.
Conduct specialist investigation into significant cyber incidents or control lapses.
Deliver an effective independent cyber security review strategy, covering specialist reviews and tests on cyber security controls.
Provide specialist support to ongoing cyber awareness training and phishing test.
Provide specialist support to the formulation of effective strategy, framework and structure for managing cyber risk of the company and the implementation through collaboration with relevant stakeholders.
Provide specialist support to the delivery of effective governance on cyber risk, covering the risk appetite, risk metrics, risk monitoring and governance reporting

What you'll need to succeed

University degree in information security, computer science, or related fields of study
At least 5 years of relevant experience in cyber risk management, preferably in financial services sector or professional services for clients in financial services, insurance or retail industry
Solid experience in monitoring and analysing cyber risk and intelligence, planning and delivering red-team exercises, organizing cyber drills and overseeing cyber incident management, conducting cyber security reviews and tests, cyber forensic practices, cyber awareness training and phishing tests
Hands-on security operations, threat intelligence, incident response, detection engineering and other related experience would be beneficial
Demonstrate good knowledge in IT environment and cyber related controls from both a tactical and strategic viewpoint
Proven track record in initiating and implementing significant changes or projects involving different stakeholders and aligning their interests.
At least one of the relevant certification/accreditations required such as CREST (CCSAS/CCSAM/CCT), OSCE3 (OSWE/OSED/OSEP), OSCP, GIAC (GXPN/GCPN/GWAPT/GPEN)

What you need to do now
If you're interested in this role, please send your cv to eddie.chow@hays.com.hk #1223181

Talk to Eddie Chow, the specialist consultant managing this position, located in Hong Kong

6604-06,66/F, ICC, 1 Austin Road West, West Kowloon

Cyber Risk Manager/AM(Red Team)45-70K+bonus
Cyber Risk Manager/AM(Red Team)45-70K+bonus
HongKong