Skip to main content

Consulting

Sia Partners

Senior Consultant - CIO Advisory (CyberSecurity)

Wan Chai Road, Wan Chai, Hong Kong

Company description

Sia Partners is a next-generation consulting firm focused on delivering superior value and tangible results to its clients as they navigate the digital revolution. With over 1,800 consultants in 17 countries, we will generate an annual turnover of USD 300 million for the current fiscal year. Our global footprint and our expertise in more than 30 sectors and services allow us to enhance our clients' businesses worldwide.

We guide their projects and initiatives in strategy, business transformation, IT & digital strategy, and Data Science. As the pioneer of Consulting 4.0, we develop consulting bots and integrate AI in our solutions.

Job description

We are currently looking for a Senior Consultant with Cybersecurity Advisory experience to join our team in HK. Within Sia Partners, you will join our Cybersecurity Global Business Unit. In line with your skills and expertise, you will work - in Consulting, Implementation and Audit - on one or more of our following offers:

●       Cyber Strategy:

  • Cyber for Boards & Executives; Cyber Target Operating Model; Cyber M&A Due Diligence
  • Cyber Transformation; Cyber Maturity Assessment & Rating; Cyber Mentoring for Startups
  • CISOaaS | DPOaaS | BCMaaS | CMaaS

●       Cyber Risk:

  • Cyber Risk Management; Cyber Risk Assessment & Treatment; Cyber Risk Quantification
  • Third-Party Risk Management; Cyber Insider Risk; Cyber Risk Analytics & Reporting
  • Cyber Risk Review SaaS: C2R

●       Cyber Compliance:

  • Cyber Compliance Management: ISO 270xx, ISO 27701, ISO 223xx, BS 11200, LPM, Directive NIS, RGPD, SecNumCloud, RGS/PSSIE, SWIFT CSP, DSP2, HDS, PCI DSS, PA DSS, NIST
  • Cyber Assurance Framework
  • Data Privacy Assurance

●       Cyber Operations:

  • Cloud Security
  • OT | SCADA | ICS Security; IoT | IIoT | WoT Security
  • Security Architecture; Security Configuration
  • Infrastructure & Endpoint Protection; Data Protection Technologies
  • IAM | PAM | IAG | CIAM | DAG
  • SSDLC | SecDevOps
  • Cryptography | Encryption

●       Cyber Resilience:

  • Threat hunting; Digital Forensics; Incident Response
  • Vulnerability and Patch Management
  • Penetration Testing | Red Teaming
  • Wargaming and Crisis Management
  • IT Service Continuity Management; Business Continuity Management
  • Physical Security & Safety
  • Operational Resilience SaaS: STORM

Key Responsibilities

As part of your operational work, and your contributions to the internal development of the firm, you will be able to:

●       Manage end-to-end projects, or be responsible for sub-projects of a complex and/or international project, on which you will ensure relevant, proactive and regular reporting to the Manager and Client to ensure that our commitments are met.

●       Become a Cybersecurity trainer within the Sia Cyber Institute, where you will be involved in the preparation and delivery of certified training sessions as an accredited trainer, as well as in the delivery of customized awareness and coaching sessions.

●       Participate in the firm's eminence around our Cybersecurity expertise, by actively contributing to the publication plan (articles, insights, white papers, studies, webinars, etc.), and represent the firm at various professional clubs, shows and events.

●       Innovate within our Sia CyberLab, where you will work on the development of new offers and SaaS solutions based on advanced technologies and capitalising on our unique expertise in AI.

●       Take part in the business development through the design and development of commercial proposals, as well as by identifying new opportunities and clients.

●       Manage the client relationship on your missions and build a solid relationship with your contacts on the client side, at middle management level, who recognise you as an expert for your assigned tasks.

●       You will be responsible for the management of consultants, from junior to confirmed, in the context of missions or internal projects, where you will act as a reference and relay for the Manager/Senior Manager for the follow-up of projects, the validation of deliverables, the evaluation of achievements, and above all you will ensure the development of their soft and hard skills.

In addition, as part of your participation in the internal development of the firm, you will participate in:

●       Innovation within our Sia CyberLab, where you will work on the development of new offers and SaaS solutions around advanced technologies and capitalizing on our unique know-how in AI. You will also carry out benchmarks and PoC of Cyber solutions on the market, while participating in the active monitoring of Cyber news.

●       The firm's eminence, around our Cybersecurity expertise, by actively contributing to the publication plan (articles, insights, white papers, studies, webinars, etc.), and represent the firm at various professional clubs, trade shows and events.

 

Qualifications

Operational Skills

Graduated with a Cybersecurity degree or a related field from an accredited college/university, you have 3-5 years of experience with a consulting firm or a Cybersecurity solutions/services provider/integrator.

●       You master some Cybersecurity standards, norms and/or reference systems of the market, notably ISO 270xx, SANS, NIST, etc.

●       You have actively participated in successful projects/missions where you have developed a solid knowledge of at least two of our 5 offerings listed above;

●       You have a general knowledge of IP networks, operating systems (Unix/Linux, Windows and/or MacOs), Cloud (AWS, Azure and/or GCP), applications (Web Server, DB, Middleware, etc.) as well as cryptography; knowledge in Blockchain would be a real plus;

●       You are familiar with the major market solutions and technologies of: Endpoint Security, VPN, VSX, Proxy/Reverse Proxy, EDR, IAM, MDM, DLP, CASB, Office 365 Security, etc;

●       You have at least* two internationally recognized certifications: CISSP, OSCE, OSEE, OSCP, OSWE, CCSP, SSCP, CSSLP, HCISPP, CISM, C-CISO, CISA, SANS SECXXX, CEH, LTP, GCIH, GCFA, GPEN, GXPN, GWAPT, GCFE, GCIA, ISO 27001 LI/LA, ISO 27005 RM, ISO 22301 LI/LA, AWS Certified Security, M-AZ 500.

*An exception will be made for high potential profiles who do not have these certifications. They will join our internal Cyber Training program within the Sia Cyber Institute for the preparation and obtention of Cybersecurity certifications.

Attributes for Success

●       You actively participated in successful projects/missions where you have developed expertise around the missions listed in the job description;

●       You have an excellent culture in Cybersecurity and dispose of a strong appetite for solving complex technical problems;

●       You are a supportive team player who actively develops relationships and is eager to share knowledge with colleagues and our clients;

●       You are intellectually curious and have the entrepreneurial spirit to invest in the development of innovative offers and solutions;

●       You wish to join a stimulating and fulfilling professional environment, where you will share the values of expertise, innovation, customer satisfaction and a results-oriented culture;

●       You wish to evolve quickly and take responsibilities on high stakes subjects within a young, dynamic and supportive team;

●       You have a strong drive and commitment to deliver high quality work while ensuring that client expectations and deadlines are met.

 

Additional information

YOUR EXPECTATIONS

This will be the right role for you if:

  • You would like to be involved in more challenging projects with leading banks and financial institutions
  • You would like to be more client-facing and have autonomy in your role
  • You would like to be part of a dynamic, multi-cultural and fast-growing team
  • You would like to grow your career with a company that is performance drive

Sia Partners is an equal opportunity employer. All aspects of employment, including hiring, promotion, remuneration, or discipline, are based solely on performance, competence, conduct, or business needs.