Assistant Manager - ITS (Application Security) - Hong Kong

Deloitte

  • Hong Kong
  • Permanent
  • Full-time
  • 29 days ago
Pursue a Career with ImpactAt Deloitte China, we are on a mission to nurture and empower our people to become deep subject matter experts. We offer the perfect platform to unleash your full potential and equip you to thrive on challenges, and partner with our clients to solve their most complex problems. A world of opportunities awaits. Start your adventure and journey with us.About The BusinessInformation Technology Services is a closely collaborative national team that provides IT-related procurement and implementation, infrastructure and operational support, application solutions and systems project management services, evaluating and promoting new systems and software to improve productivity and ensure information security.Work you'll doAbout you:You are energetic, open-minded and smart-working individuals who can thrive in a dynamic, fast-paced, agile environment. You have a strong thirst for technology knowledge and are driven to find solutions that don’t exist yet.You are extremely resourceful and you like to face challenges in a positive manner and flexible response to changes.You always find a way to get things done without sacrificing the quality of work, integrity and values. You are humble and take team's success as your target and willing to help others.About This Role
  • With strong background in both IT and Security. You'll use this dual expertise as you work closely with the internal /external development/technology team on various security checkpoints in defining security requirements, security controls design, security testing and quality assurance check according to globally-defined standards and policies.
Accountabilities – Key Result Areas
  • Provide advisory support to business stakeholders and various application development teams on proper managing IT security risk throughout software development life cycle in compliance with the Technology Operating Model.
  • Work closely with project team on various security checkpoints in defining security requirements, security controls design, security testing and quality assurance check according to globally-defined standards and policies
  • Co-ordinate with business functions in conducting security risk assessment, application architecture review, security requirements identification and controls verification processes
  • Perform vulnerability scanning and penetration testing on applications and work with developers to resolve security related issues and provide consultancy on coding best practices and mitigations prior to production release
  • Participate to build up a culture of secure SDLC and raise awareness to developers on programming practices according to the secure coding requirements and guidelines
  • Contribute to ensure compliance to corporate information security policies, standards and practices as well as liaise with relevant stakeholders, including contractors and vendors
  • Assist to manage application security framework and drive other information security initiatives.
  • Security and compliance project management.
Key StakeholdersIT team, risk team, global security team, application developer, internal auditor.During your tenure with us, you will demonstrate and develop your leadership and professional capabilities in the following areas: Inspiring, Creating purpose, Driving agility, Building diverse capability, Influencing, Collaborating, Delivering value, Building the business, Analytical acumen, Effective communication, Engagement management/delivery excellence, Managing change, Managing quality & risk, Strategic thinking and problem solving, and Tech savviness.We are looking for someone withExperience / Qualification Requirements
  • 3-5 years' experience in managing application security risk from development to production stage with knowledge of secure coding practices and common threat vectors such as the OWASP top 10.
  • Degree holder in Information Security, Computer Science, Information System or related discipline
  • CISSP, CSSLP, CEH, GWAPT or equivalent security related qualifications is preferred
Managerial Competencies
  • Strong self-motivation, pro-active, good communication and analytical skills
  • Good people skills to work with business users and technical teams, independently work with less supervision and under pressure
  • Good command of both spoken and written Chinese (including Mandarin) and English
Technical Competencies
  • Excellent knowledge of the Secure SDLC with sound application development background would be preferable
  • Knowledge and experience in networking, system and cyber security administration and best practices
  • Exposure on cloud platform, cloud security industry best practices would be a plus
  • Working knowledge of vulnerability testing tools and methodologies
Shape your future through impact that mattersFor more than 100 years of history, Deloitte witnessed also had the honor to be part of the economic boom in China by providing industry-leading audit & assurance, consulting, risk advisory, financial advisory, tax & business advisory services to nearly 90% of the Fortune Global 500 Chinese companies and thousands of private companies. Deloitte China today carries on our centenary professionalism and strives to become the undisputed leader in professional services in China with strong responsibility and capabilities in digitalization and multidisciplinary services.Deloitte has been named China's Top Employer since 2006, Universum's Most Attractive Employer in China since 2008, and the Best Workplaces in Greater China since 2019.All qualified applicants will receive consideration for employment regardless of their background, experience, identity, ability or thinking style, and if you need assistance during the application process for accessibility reasons this is available upon request. The preferred candidate will be subject to background screening by Deloitte China or by their external third-party provider.Accessibility assistanceIf you need assistance or an accommodation during the recruitment process for accessibility reasons, there will be an opportunity for you to let us know what you need once you begin your application.Ready to take on new challenges? Apply now!Stay connected for the latest career opportunities, follow us on Deloitte China Social Media.Why Deloitte China?Deloitte China delivers a comprehensive range of audit & assurance, consulting, financial advisory, risk advisory and tax services to local, multinational and growth enterprise clients in China.
  • We are the world's largest professional services firm that changes the world, we lead with purpose and shared values.
  • We are the market leader with digital and innovative solutions , we create values for client through our multi-disciplinary services.
  • We are recognized as Top Employer in China by the Top Employers Institute* for 14th consecutive years, and made the top 3 for the first time this year!
  • We are certified as one of the ‘Best Workplaces™ in Greater China by Great Place to Work® in 2019
All applications applied through our system will be delivered directly to the advertiser and privacy of personal data of the applicant will be ensured with security.

CTgoodjobs