KPMG is a global network of professional services firms providing Audit, Tax and Advisory services. KPMG Executive Search and Recruitment is a business unit of KPMG China and is one of the few recruitment consultancy firms in Hong Kong that is part of a large professional organisation. We work alongside a group of professionals and advisors who provide us with a high level of insights and awareness about a wide range of businesses and professions. We support the clients and aim to provide a pleasant working experience for the clients and candidates.

Our client is one of the world leading organisations of its business type involving financial and consumer services operation.

• Provide specialist support during IS (Information Security) wide initiatives within the team, such as collaborating with Cyber Defense and Cyber Risk teams (e.g. SOC, SIEM, supporting audit fieldwork).
• Work with Technical Lead and Analyst to ensure network based security risks are identified, managed and monitored to ensure successful mitigation and risk reduction taking into account new threats / risks associated with cloud implementations.
• Take accountability in driving the review and streamlining of existing legacy processes (e.g. firewall approval process).
• Drive capability to leverage data collected from network tools and devices for threat detection and to proactively strategize approach in addressing GAPs / vulnerabilities across the network.
• Participate and influence the review / enhancement / selection of network security and vulnerability management tools / controls (e.g. firewall maintenance and management).
• Provide technical support in security log, feeds and raw source into SIEM for data security analytics.

• A university degree with technical background, particularly in Information Technology, Information Security, and Network Security.
• +12 years’ experience working in technical IT roles, with at least 4 years’ experience working  with non- technical stakeholders.
• Experience liaising directly with senior management with minimal effort particularly when elaborating complex technical concepts.
• Experience working with vendors and managing the relationship and expectations.
• Confident influence skills when working with internal and external partners.
• Strong understanding of cybersecurity principles, technology risk management and industry best practice.
• Strong knowledge of networking essentials, data -flows, architecture, ports, protocols, wireless, etc.
• A CISSP, CISM, CISA, CCSP, GIAC, CEH or equivalent certification will be advantageous
• Hands-on experience working with router / switches (Cisco), firewall management (Fortigate, Checkpoint, Palo Alto) and network security controls (e.g. IDS / IPS / WAF / DDOS).
• Hands-on experience in performing vulnerability scans (e.g. Nessus).
• Hands-on experience with endpoint protection technology (e.g. EDR, NDR, application whitelisting, web isolation, sandboxing).
• Knowledge of incident response methodologies, security issues, vulnerabilities, exploits and security standards that may impact information security.
• Good working knowledge of various flavors of Windows and Linux, OS configuration, file system structures, OS components, mobile operating systems, etc.
• Fluent in English is required

For information and application, please contact us at executive.recruitment.hk@kpmg.com. By submitting your application and communication with us, you agree to receive communications from us and agree our Personal Information Collection Statement in the following link: www.kpmg.com.cn/KER-opportunitie