Associate Director - Digital Risks

Job description

Control Risks is seeking an experienced candidate to join its rapidly growing Cyber Protect team in our key Hong Kong market. This is a unique opportunity to work in a highly capable and truly global team of cyber experts and to play a critical part in shaping the Cyber Protect offering.

The role requires an initiative-taking and diligent client-facing individual who has experience in winning and delivering cyber strategy advisory work for global clients and projects.

The successful candidate will expand our capability in Hong Kong and work closely with the Principal leading our Digital Risks practice in the Asia Pacific region and our regional leadership in the Greater China region. The candidate will need to demonstrate exceptional analysis, programme management and business development skills. We require all staff to be team-players who are results focused and passionate about delivering high quality advice to some of the region’s largest firms.

The successful candidate will be experienced in leading cyber security advisory engagements and will need to demonstrate deep understanding of the cyber security challenges facing our clients in Greater China alongside local regulations and standards in place or are in development.

The candidate will have an established track-record of delivering cyber security strategy assessment and enhancement projects to a diverse range of clients. They will also excel at communicating complex technology-driven issues to executives at the C-level.

Key responsibilities:

Delivering client projects

• Programme and project management of digital risk advisory engagements (e.g., senior stakeholder engagement, programmes scoping, managing project/programme budget, hiring key resources, delivering against an agreed plan, issue management).
• Delivering strategy and transformation projects (e.g., helping clients to define and develop robust and future-proofed digital security strategies, conducting risk assessments, supporting cyber due diligence projects etc.).
• Supporting clients as a senior advisor throughout their digital security transformation.
• Working with senior project stakeholders (e.g. gathering information from interviews, document reviews and presenting findings) while maintaining the confidence of the client through clear communication and exceptional project management skills.
• Working with external technical partners to deliver an integrated solutions and drawing out recommendations from their technical findings.

Working with other departments within Control Risks

• Provide flexible and responsive support alongside our dedicated Cyber Response team for key Clients.

Business Development

• Developing proposals for future client work.
• Cultivating long-term relationships with clients.
• Participating in marketing and speaking events to build the Control Risks brand.
• Project and programme scoping and planning, to support pricing and project budget.
• Contributing to and building complex, multi-service line proposals.

Supporting the growth of the Cyber practice

• Managing and mentoring team members.
• Helping to refine our cyber security methodologies and approaches.
• Contributing to our professional development and training programme.
• Educate other departments about cyber security and the services we provide.
• Identifying and hiring local talent into the Cyber Security team.

Essential

• Considerable experience of cyber security risk management within an established consultancy.
• Ability to see security from the attacker’s point of view and articulate enterprise risks to senior non-technical audiences.
• Proven experience in reviewing, designing and implement cyber security strategy projects for clients.
• Proven experience in delivering risk assessments against industry standards (e.g.NIST CSF and ISO27001).
• Proven experience working with China’s information handling and technology regulations and standards.
• Broad corporate experience and understanding of the interaction between departments (such as HR, Finance and Security) and levels of governance within a commercial organisation.
• Excellent knowledge of IT and OT network infrastructure.
• Undergraduate or a post graduate degree in a field related to security, information security, intelligence, or computer science.
• CISSP, CISM, ISO27001 lead auditor, SANs or similar industry qualifications/certifications.

Preferred

• Native or documented fluency in Mandarin.

“Control Risks is committed to a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, colour, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age or veteran status”

• Control Risks offers a competitively positioned compensation and benefits package that is transparent and summarised in the full job offer.
• We operate a discretionary global bonus scheme that incentivises, and rewards individuals based on company and individual performance.
• Control Risks supports hybrid working arrangements, wherever possible, that emphasise the value of in-person time together - in the office and with our clients - while continuing to support flexible and remote working.
• As an equal opportunities employer, we encourage suitably qualified applicants from a wide range of backgrounds to apply and join us and are fully committed to equal treatment, free from discrimination, of all candidates throughout our recruitment process.