Skip to main content


Sia Partners

Senior Consultant - CyberSecurity

Hong Kong, Hong Kong, Hong Kong

Company description

Sia Partners is a next-generation consulting firm focused on delivering superior value and tangible results to its clients as they navigate the digital revolution. With over 2,400 consultants in 17 countries, we will generate an annual turnover of USD 300 million for the current fiscal year. Our global footprint and our expertise in more than 30 sectors and services allow us to enhance our clients' businesses worldwide.

We guide their projects and initiatives in strategy, business transformation, IT & digital strategy, and Data Science. As the pioneer of Consulting 4.0, we develop consulting bots and integrate AI in our solutions.

After several years of significant growth in Asia, we are continuing to expand our business and are looking for talented and self-motivated Consultants in Singapore, Hong-Kong and Tokyo.

Job description

Due to our exceptional growth in Asia, we are looking for a Senior Consultant specialized in Information Security to join our team in Hong Kong. As a Senior Consultant, you will help to build our expertise and guarantee the quality of delivery to ensure market-leading practices for our Hong Kong office, taking into account the global nature of our organization and our clients.


Supervised by experienced consultants, you will help and work together with relevant stakeholders of our customers (CIOs, CISOs, IT Managers, etc) by addressing the following needs:

  • Assist in the definition, development, and improvement of current Cybersecurity strategies, policies, and other related processes and procedures
  • Align information security policies with business requirements and translate business requirements into technical IT security deliverables
  • Perform risk assessment and provide guidance on mitigation or remediation, as well as providing recommendations and suggesting improvements on security policies and initiatives.
  • Conduct Information Security and Cyber Risk Management assessments  
  • Project Management and assistance in the deployment of Cybersecurity programs and solutions
  • Conduct IT Audit and Regulatory Compliance assessment (e.g. ISO 27001, C-RAF, SWIFT, etc.)
  • European Data Privacy Regulation (GDPR) assessment and implementation
  • Analysis and improvement of Identity and Access Management life cycle
  • Data Protection / DLP related projects (data classification, review of data protection policies, implementation of controls, etc.)
  • Improve and maintain Business Continuity and Disaster Recovery plans, including optimization of Crisis management processes

As part of the firm's internal activities, your participation revolves around the following areas:

  • The development or strengthening of our offers through training sessions, working groups, internal and external distribution of marketing materials
  • Support in the publication activities (sector blogs, articles, insights, etc.)
  • Business development by contributing to the definition of needs and participating in commercial activities (development of pitches, responses to RFP, etc.)



  • Ideally 3-5 years of experience within IT related projects in Consulting and/or Financial Services
  • At least a Bachelor or equivalent degree in Engineering or Management from top universities and business schools. Master degree in Information Systems Management or related is highly advantageous
  • At least one Cybersecurity related certification (e.g. CISA, CISM, CISSP, ISO 27001, etc.)
  • Able to work well autonomously as well as in a team. Highly analytical and possess good entrepreneurial spirit
  • Excellent presentation and communication skills
  • Strong ability to work with MS PowerPoint and MS Excel is a must. Programming skills are highly appreciated.
  • Proficient English (written and oral) is a must. Mandarin and/or Cantonese would be highly appreciated

Additional information

Sia Partners is an equal opportunity employer. All aspects of employment, including hiring, promotion, remuneration, or discipline, are based solely on performance, competence, conduct, or business needs.