Logo RF White
Insurance

information security consultant

Apply now
Overview
Offices Hong Kong SAR
Job-type Full-Time
Job Category Insurance
Industries Acc & Finance
Salary HKD 35,000 - 60,000 /Month
Who you'll be working for
Top insurance company
What requirements you'll need to be eligible

Education & Experience

  • Bachelor's degree in Cybersecurity, IT, or a related field (or equivalent experience).
  • 4+ years of experience in incident coordination, security operations, or infrastructure security.

Technical Skills

  • Experience in firewall rule management and security best practices.
  • Understanding of Web Application Firewalls (WAF) and web security principles.
  • Familiarity with network security concepts (firewalls, network security group, zero trust, IDS/IPS, VPNs, cloud security).
  • Basic knowledge of security frameworks (e.g., NIST, CIS, ISO 27001).

Soft Skills

  • An influencer and facilitator; be able to build strong interpersonal relationships, and inform, guide and motivate stakeholders and technology experts at different levels to address risks with due care and attention to detail
  • Strong communication skills; be able to explain risks that are often complex and obscure to non-specialists; a good listener who can understand stakeholders’ concerns
  • Good command of written and spoken English and Chinese.
  • Strong communication and coordination skills.
  • Ability to prioritize incidents and security tasks under pressure.
  • Detail-oriented with strong documentation and reporting skills.
  • Confident and trustworthy; keen to earn the respect and trust of, and inspire, others. Independent and strong self-initiative to work creatively and analytically in a problem-solving environment.

Additional Requirements

  • Willing to work outside regular office hours for urgent incidents.
  • Support ad-hoc tasks and assignments from the supervisor, including project-related security reviews or urgent security requests.
  • Experience in a multinational or regional security team is a plus.
  • Relevant certifications (e.g., CISSP, CISA, CISM, CEH, GIAC GCIH, CCNP Security) are a plus.
What you'll be doing on the job
  1. Incident Coordination & Response (50%)
    • Act as the liaison between the Group Cybersecurity Team and internal teams.
    • Track, document, and ensure timely resolution of assigned cybersecurity incidents.
    • Escalate critical security issues to management and technical teams when necessary.
    • Provide incident reports and post-incident summaries.
    • Ensure adherence to incident response frameworks (e.g., NIST, SANS, ITIL).
    • Maintain accurate records of security changes and incident resolutions.
    • Be available during non-office hours for urgent security incidents.
    • Stay informed on emerging cyber threats and infrastructure security risks.
    • Assist in coordinating emergency response efforts when needed.

 

 

  1. Infrastructure Security Support (50%)
    • Firewall Rule Review:
      • Review and validate firewall rule change requests to ensure security compliance.
      • Work with IT teams to optimize firewall rules and reduce unnecessary access.
    • Web Application Firewall (WAF) Support:         
      • Assist in managing and tuning WAF policies to protect web applications.
      • Support troubleshooting and resolving WAF-related issues.
    • Ensure security controls for network and cloud infrastructure are properly implemented.
    • Ensure that firewall and WAF configurations align with security policies.
    • Support audits, risk assessments, and continuous security improvements.

 

 

For all positions:

The incumbent is required to obtain relevant license if the job involves in regulated activities

 

For Manager only:

Ensure team members who perform regulated activities have obtained the relevant licenses and fulfilled the licensing requirements

Consultant Contact
Posted by: Ryan Choy
Phone: +852 9288 8667
Email: ryan.choy@recruitfirst.co
Reg No:
HTTPS://ABOUT.RECRUITFIRST.CO/RYAN.CHOY
Sound interesting?
Apply!