Our Client is A Big-4 Consulting Firm 

Responsibilities:

• Take Lead in Cyber Security engagements with a focus on Penetration Testing, Red Team Assessment and Security Testing
• Work effectively as a team lead, sharing responsibility, providing support, maintaining communication and updating team members on progress
• Help prepare reports and schedules that will be delivered to clients and other parties
• Develop and maintain productive working relationships with client personnel
• Build strong internal relationships within the Firm’s Consulting Services and with other service lines across the organization

Requirements:

• A broad appreciation of business processes, data structures, IT applications and infrastructure, IT processes, and governance and internal control principles
• Infrastructure Information systems security assessment, design, architecture, implementation, management and reporting
• Strong technical or security skills related to a broad range of operating systems, databases or security tools, e.g., UNIX, Linux, Windows 2000 and NT, firewalls and IDS systems
• Experience of security testing methods and techniques including network, operating and application system configuration review and internal/external penetration testing
• Experience of manual attack and penetration testing above and beyond the running of automated tools
• Experience in developing custom scripts or programs (used for port scanning and vulnerability identification)
• Applications
• An understanding of web-based application vulnerabilities and experience in application security review and testing
• An understanding of mobile application vulnerabilities and experience in mobile application security review and testing
• Familiarity with security standards reference such as OWASP, SANS, NIST
• Understanding of secure development practice and framework
• Bachelor’s Degree in Computer Science, Information Technology or related disciplines
• 6 to 12 years of related work experience
• Sound knowledge and experience in using different hacking tools to perform foot printing, enumeration and exploitation of system infrastructure, web and mobile applications.
• Knowledge and experience in web or mobile application programming and security code review is desirable
• Excellent written and verbal communication skills in English, Cantonese or Mandarin
• Related qualifications and/or industry certifications such as GPEN, GXPN, OSCP, OSCE, OSEE. GWAPT, OSWE, CREST and CCT

Interested parties, please send your CV in MS Word format with an indication on present and expected salary to Mr. Lee via email at alee@wwhcc.com, thanks!