Advisory - Risk - Cyber Security - Manager (SOC) Advisory - Risk - Cyber Security - Manager (SOC) …

Ernst & Young
in Hong Kong, Hong Kong, Hong Kong
Permanent, Full time
Be the first to apply
to be discussed
Ernst & Young
in Hong Kong, Hong Kong, Hong Kong
Permanent, Full time
Be the first to apply
to be discussed
Advisory - Risk - Cyber Security - Manager (SOC)

Cyber threats, social media, massive data storage, privacy requirements and continuity of the business as usual require heavy information security measures. As an information security specialist, you will lead the implementation of security solutions for our clients and support the clients in their desire to protect the business. You will belong to an international connected team of specialists helping our clients with their most complex information security needs and contributing toward their business resilience. You will be working with our Advanced Security Centers to access the most sophisticated tools available to fight against cybercrime.


We will support you with career-long training and coaching to develop your skills. As EY is a global leading service provider in this space, you will be working with the best of the best in a collaborative environment. So whenever you join, however long you stay, the exceptional EY experience lasts a lifetime.



Your key responsibilities

  • Lead the Security Operation Centre and handle information security requests, incidents or breaches day to day. Proactively follow through and provide support to the case, mitigation and recovery, investigation, reporting and improvement in the future
  • Provide advice and consultancy on requirements of conformance to cybersecurity standards in design, development, and operation of IT/OT Systems. Continuously identify, assess, measure and monitor information technology and cyber risk by performing independent hands-on risk assessments for new projects and non-standard IT requests
  • Liaise with clients on security intrusions and provide swift and accurate remedial action
  • Prepare service reports for clients and internal parties, meeting with clients to provide security advices
  • Identify and co-ordinate the planning, development, and implementation support of technical security controls, including patches for systems vulnerabilities, for technologies deployed by the Authority.
  • Assess adequacy of security and risk mitigation controls, evaluate threats and vulnerabilities, assess the level of current and residual risk and communicate these risks to relevant stakeholders.
  • Help Establish and enrich IT security policies, standards, procedures and guidelines with up-to-date industry standard. Review and identify IT security risk and recommend improvement resolution
  • Monitor network traffic through Intrusion Detection/Prevention System (IDS/IPS), audit trial to proactively identity indicators of compromise
  • Perform maintenance and operation support for security devices such as firewall, IDS/IPS, and security related products

  • Help Implement cybersecurity monitoring framework

  • Provide operational support to system and network teams regarding security related matters

  • Secure information systems and protect them from unauthorized access or tampering



To qualify for the role you must have


  • Bachelor's degree in Information Technology /Computer Science /Computer Engineering or related disciplines, experience in security solutions SI and SOC operations will be an advantage
  • Minimum 5 years of experience in IT security management including in-house IT security officer, SOC analyst/operator, etc.
  • Solid understanding of Security Solutions, e.g., Email Security, Cloud, DLP, Web Isolation, Web Security Services, Privilege Account Management, CASB (e.g., CloudSoc), NGFW (e.g., PA), EDR, etc
  • Good understanding of security standards (e.g., NIST, PCI-DSS and ISO27001) and framework
  • Experience with monitoring, analysis and troubleshooting solutions would be helpful
  • Holder of Splunk Certified Architect is a definite advantage
  • Knowledge of networking, cloud and data center technologies
  • Hands on experience in IT security project management, emergency mitigation and IT security assessment is preferable;
  • Business centric and possess can-do attitude
  • Strong interpersonal skills and able to interact effectively with both management and clients
  • Excellent supervisory, analytical, organizational and leadership ability
  • Able to adapt to new projects, tasks and teams and changes in direction quickly
  • Customer focus with strong presentation and negotiation skills
  • Good spoken and written communication skills
  • Fluent in English, Mandarin and Cantonese


What working at EY offers

  • Support, coaching and feedback from some of the most engaging colleagues around
  • Opportunities to develop new skills and progress your career
  • The freedom and flexibility to handle your role in a way that’s right for you


About EY

As a global leader in assurance, tax, transaction and advisory services, we’re using the finance products, expertise and systems we’ve developed to build a better working world. That starts with a culture that believes in giving you the training, opportunities and creative freedom to make things better. Whenever you join, however long you stay, the exceptional EY experience lasts a lifetime. And with a commitment to hiring and developing the most passionate people, we’ll make our ambition to be the best employer by 2020 a reality.


If you can confidently demonstrate that you meet the criteria above, please contact us as soon as possible.

Join us in building a better working world.

Apply now.