information security consultant

Overview

Who you'll be working for

What requirements you'll need to be eligible

Education & Experience

• Bachelor's degree in Cybersecurity, IT, or a related field (or equivalent experience).
• 4+ years of experience in incident coordination, security operations, or infrastructure security.

Technical Skills

• Experience in firewall rule management and security best practices.
• Understanding of Web Application Firewalls (WAF) and web security principles.
• Familiarity with network security concepts (firewalls, network security group, zero trust, IDS/IPS, VPNs, cloud security).
• Basic knowledge of security frameworks (e.g., NIST, CIS, ISO 27001).

Soft Skills

• An influencer and facilitator; be able to build strong interpersonal relationships, and inform, guide and motivate stakeholders and technology experts at different levels to address risks with due care and attention to detail

• Strong communication skills; be able to explain risks that are often complex and obscure to non-specialists; a good listener who can understand stakeholders’ concerns

• Good command of written and spoken English and Chinese.
• Strong communication and coordination skills.
• Ability to prioritize incidents and security tasks under pressure.
• Detail-oriented with strong documentation and reporting skills.
• Confident and trustworthy; keen to earn the respect and trust of, and inspire, others. Independent and strong self-initiative to work creatively and analytically in a problem-solving environment.

Additional Requirements

• Willing to work outside regular office hours for urgent incidents.
• Support ad-hoc tasks and assignments from the supervisor, including project-related security reviews or urgent security requests.
• Experience in a multinational or regional security team is a plus.
• Relevant certifications (e.g., CISSP, CISA, CISM, CEH, GIAC GCIH, CCNP Security) are a plus.

What you'll be doing on the job

1. Incident Coordination & Response (50%)
   • Act as the liaison between the Group Cybersecurity Team and internal teams.
   • Track, document, and ensure timely resolution of assigned cybersecurity incidents.
   • Escalate critical security issues to management and technical teams when necessary.
   • Provide incident reports and post-incident summaries.
   • Ensure adherence to incident response frameworks (e.g., NIST, SANS, ITIL).
   • Maintain accurate records of security changes and incident resolutions.
   • Be available during non-office hours for urgent security incidents.
   • Stay informed on emerging cyber threats and infrastructure security risks.
   • Assist in coordinating emergency response efforts when needed.

2. Infrastructure Security Support (50%)
   • Firewall Rule Review:
     • Review and validate firewall rule change requests to ensure security compliance.
     • Work with IT teams to optimize firewall rules and reduce unnecessary access.
   • Web Application Firewall (WAF) Support:         
     • Assist in managing and tuning WAF policies to protect web applications.
     • Support troubleshooting and resolving WAF-related issues.
   • Ensure security controls for network and cloud infrastructure are properly implemented.
   • Ensure that firewall and WAF configurations align with security policies.
   • Support audits, risk assessments, and continuous security improvements.

For all positions:

The incumbent is required to obtain relevant license if the job involves in regulated activities

For Manager only:

Ensure team members who perform regulated activities have obtained the relevant licenses and fulfilled the licensing requirements

Consultant Contact