Senior Consultant / Manager - Data Privacy and Protection - Cyber - Hong Kong
تفاصيل الوظيفة
About the Business Risk Advisory Trust, resilience and security connecting for enduring success and responsible business With competencies encompassing capital markets, control assurance, contractual exposure and insurance claims, and security services, our RA professionals offer a wealth of experience across a spectrum of industries. This is a great place to build a career and make an impact that really matters. By taking a Risk Intelligent approach, Risk Advisory provide powerful, practical solutions in cyber, strategy, regulation and controls, backed by deep business knowledge across multi-disciplinary teams, helping clients worldwide take the opportunity to connect trust, resilience and security for more positive outcomes. Risk Advisory helps ensure success that enables sustainable growth, inspires positive societal impact and creates a more responsible business. When you join Risk Advisory, you can be sure of access to these solutions and experiences, as well as opportunities in our different services lines, all wrapped in a high tech environment with a high touch approach to career development that ensures you reach your full potential. Whichever service offering you work in, your skills and experience will be highly valued Cyber & Strategic Risk We help clients address various aspects of Cyber and other strategic risks to their organizations to inform risk-based strategic choices, prepare to respond to disruption, assess and manage full-lifecycle enterprise risks, as well as strategize and respond to risks associated with the reliability and protection of data, associated processes and technology. We provide advisory and managed services to help senior executives spot, assess, manage, and respond to risks and/or catastrophic unforeseen incidents that could undermine their competitive position or jeopardize their critical assets, reputation and/or financial standing. Offerings include: -Cyber; -Crisis & Resilience; -Strategy, Brand and Reputation; -Climate and Sustainability; -Extended Enterprise Our objective is to help clients develop and implement strategies for IT risk management and aim to help clients find the appropriate balance between risk management and cost containment. Our integrated solutions covering: Cyber Strategy, Cyber Security, Cyber Vigilance, Cyber Resilience. Work you'll do
- Conduct assessment and benchmarking with industry best practices pertaining to data privacy and protection, information security and cyber security, including data protection / privacy impact assessments
- Identify and assess risks in the areas of Governance, People, Process and Technology, using recognised sources of privacy and data protection frameworks
- Advise on and establish data governance framework for our clients including strategies, organisations, policies, processes, standards and guidelines, etc. around data privacy and protection, and information security
- Advise and support our global clients in privacy by design / default and technology, cyber security projects
- Advise on and implement performance management and frameworks for privacy and protection compliance supported by technologies
- Develop and manage relationships, and meet with relevant data protection and privacy, and security stakeholders within our clients
- Contribute to our research and thought leadership, and work together on our next gen data privacy / protection initiatives to improve the eminence of our data privacy and protection practice
- Support in the collaboration with third party vendors to leverage their tools and solutions implementation for our clients
- As a manager you should be able to independently lead a team during engagements with limited support and supervision
- University degree majoring in accounting, business administration, information systems, computer science, engineering, statistics, accounting, law (or data protection law) and / or related areas
- At least 3 years' experience preferably from consulting firms/large enterprises' project teams
- Strong knowledge of the Hong Kong privacy regime. Knowledge of China privacy regime, and APAC and international privacy regulations (e.g. General Data Protection Regulation) would be an advantage
- Knowledge of current privacy and cyber issues, cyber and privacy security frameworks, privacy and data protection (engineering) technologies (Forcepoint, BigiD), emerging trends, and best practices related to data privacy
- Experience of implementing privacy and information security programs including, privacy risk assessment, data discovery, data leakage prevention, data inventory, data flow mapping and analysis, privacy access rules and strategy development such as policies and procedures, business process controls, system / technology understanding, incident response plans, monitoring, reporting of breach and escalation, and privacy training and awareness programs
- Professional qualification holder will be an advantage: CIPP, CIPT, CIPM, CISA, ISO, PMP, CISSP, CDPSE, etc.
- Experience with privacy and data protection technology, would be seen as an advantage
- Knowledge and understanding of system's implementation, programming languages and data analytics would be seen as an advantage
- Strong consultation and communication skills with highly proficiency in both spoken and written English and Chinese (Cantonese); Mandarin would be an advantage
- Candidates with more experience will be considered for Manager position
Apply safely
To stay safe in your job search, information on common scams and to get free expert advice, we recommend that you visit SAFERjobs, a non-profit, joint industry and law enforcement organization working to combat job scams.