Job Snapshot

Hong Kong
Employment Type:
Job ID:

Job Summary

We are a leading international bank focused on helping people and companies prosper across Asia, Africa and the Middle East.

To us, good performance is about much more than turning a profit. It's about showing how you embody our valued behaviours - do the right thing, better together and never settle - as well as our brand promise, Here for good.

We're committed to promoting equality in the workplace and creating an inclusive and flexible culture - one where everyone can realise their full potential and make a positive contribution to our organisation. This in turn helps us to provide better support to our broad client base.

Day to Day:
• Provide representative tactics, techniques, and procedures (TTPs) for opportunistic, advanced, and sophisticated attackers according to customer goals and objectives
• Identify and implement third party products or tools to perform attack simulations
• This role focuses on various technical security testing areas such as vulnerability assessment, application and network penetration testing, wireless security, mobile security, website & app security, and system security testing.
• This role also simulates real- time cyber - attacks using red - team / blue team techniques.
• Conduct source code review to identify software program vulnerabilities and detect malware or malicious embedded code
• Involve in all aspects of security and vulnerability management engagements which include but are not limited to:
• Network and host vulnerability assessments and penetration testing
• Web application vulnerability assessments and penetration testing
• Source code security reviews assisted by automated tools
• Exploit research and development skills are a plus
• Social engineering and physical penetration testing against facilities and sites are a plus
• Firewalls, IDS / IPS, and other security device configuration review are a plus
• Regularly interact with C - Suite clients, such as Chief Executive Officer (CEO), Chief Information Security Officer (CISO), Chief Information Officer (CIO), Chief Operating Officer (COO), Chief Risk Officer (CRO) and their direct reports.

• Must have cloud security experience (can be hybrid, or Public cloud -> AWS/Azure/GCP/Alicloud)
• CISSP, OWASP or Sans GIAC (preferred)
• Experienced in Penetration Testing and Vulnerability Management
Interested candidates, please click the apply button and submit your CV.

Alex Fraser is a specialist Associate Consultant based in Hong Kong working within the IT infrastructure industry. My sole mission is to be able to provide the highest quality service to both my clients and candidates to ensure a smooth process in the job hiring process.