Total 300 Regional Consultant job vacancies in Legal / Public / Security category in The United States of America

Responsibilities :

● Analyze and prioritize vulnerabilities based on severity, potential impact and business risk, and collaborate with relevant teams to implement effective mitigation strategies.

● Provide strategic guidance, insights, and direction on technological, cybersecurity, and policy-related topics.

● Lead and participate in the development, implementation, and continuous improvement of incident response procedures, and processes.

● Collaborate with other teams at multiple geographic locations to investigate and document security incidents, root causes, and recommend remediation actions.

● Planning and appraising ongoing assessment of antivirus, application control, firewall, SIEM, VPN, SSL, intrusion detection or intrusion prevention and other network component policies.

● Managing and configuring security systems such as firewalls, intrusion detection and prevention systems, anti-virus software, and other security-related software and hardware.

● Monitoring systems, servers, and networks to detect and respond to potential security threats or suspicious activities.

● Developing and implementing security policies and procedures that ensure the organization’s data

and systems are protected against cyber threats.

● Conduct regular vulnerability assessments and penetration testing to identify potential security

weaknesses and risks to make improvements in the organization’s security.

● Report all security incidents to the home office and work with corporate IT on response and resolution strategy.

● Contribute to the development and execution of security awareness training programs for employees to enhance security awareness and best practices.

● Stay up to date with the latest cybersecurity threats, attack techniques and incident response strategies.

Requirements :

● Bachelor’s degree in computer science, information technology, or equivalent experience.

● 5+ Years of experience in a cyber or information security management role.

● Strong knowledge of the latest cybersecurity threats, trends, modern cybersecurity concepts, and technologies (zero trust, CIS Controls, OWASP, MITRE ATT&CK, XDR, CloudSec, AppSec, NIST, ITIL, Azure Well Architected Framework, etc).

● Experience in domains of Cyber Security Operations, Incident Response, Forensic Investigation, Threat Intelligence, or Vulnerability Management preferred.

● Ability to manage and configure security systems, monitor network traffic and system logs, conduct regular security assessments and respond to security incidents.

● Demonstrated understanding of business processes, IT risk management, and related standards.

● Proficiency in utilizing industry-standard tools for vulnerability scanning, assessment, and penetration testing.

● Excellent problem-solving skills and the ability to think critically under pressure.

● Effective communication and interpersonal skills, with the ability to collaborate across teams and convey technical concepts to non-technical stakeholders.

● Proven track record of staying current with evolving cybersecurity threats and best practices.

● Exceptional planning and organizational skills, and excellent written and oral communication.

● Self-starter with initiative and the ability to effectively prioritize and execute tasks with direction from corporate headquarters.

● Professional information security certification preferred, such as:

○ CompTIA Security+

○ Certified Information Systems Security Professional (CISSP)

○ Certified Information Systems Auditor (CISA)

○ Certified Information Security Manager (CISM)

Location: East area

HOW TO APPLY :

Interested candidates, please submit your resume by clicking on “Apply Now” or aliceyap(a)hkmsvs.com

All applications will be treated in the strictest confidence and only shortlisted candidates will be notified

Yap Lay Choo

EA Licence No. 03C5391 | Registration No. R1987101

ASM is a leading global supplier of products, services, and materials for semiconductor processing. For more than half a century, innovation has been at the core of everything we do. Our smart, ambitious people are dedicated to creating cutting-edge solutions for the world’s leading semiconductor providers. Every day we push the development of next-generation computer-chip technology, always staying a few steps ahead of what’s next.

The talented, enthusiastic people at ASM are just like you: dedicated to improving people’s lives and unlocking new potential. With our collaborative approach to R&D, we advance key semiconductor technologies and platforms like ALD, epitaxy, PEALD, PECVD, and vertical furnaces. And we have recently entered the promising high-growth market: silicon carbide epitaxy. Year after year, our innovations help to make chips smaller, faster, and more powerful. In fact, you will find our technology in every aspect of modern life: in AI, medical equipment, 5G, smartphones, autonomous driving, and more.

The ASM Legal Team is seeking a Regional Legal Counsel to independently review and negotiate high value and high volume agreements and draft standard terms & conditions to help support the legal and global business units in varied operational tasks and negotiations.

Description

Responsibilities include:
• Review of agreements and terms & conditions for:
o direct and indirect global procurement including high value contract manufacturing agreements
o regional sales and services organizations;
o global logistics, facility construction, lease, renovation contracts;
o negotiating tool evaluation agreements and restrictive confidentiality agreements with major semiconductor industry giants
o Regional HR policy review
o Advise on employee code of conduct investigations and proposed actions
• Liaising with internal global stakeholders in supply chain, logistics, insurance claim handling advisory, sales and services, HR etc. in multiple countries and maintain all agreements on ASM contract management portal
• Developing and perfecting scalable processes for contract handling
• Developing improvements to internal tools and policies to streamline and maximize efficiency, as well as supporting growth and effectively coordinating with team and database developers for implementation
• Conduct basic training sessions (legal orientation training)
• Maintaining the integrity of large amounts of data in the contract database by scanning agreements and ensuring that all information is captured accurately
• Lead the tracking status of agreements in process and coordinating the execution of agreements with internal and external signatories
• Lead the status update of contractual matters by providing regular reports using the contract management system
• Other ad-hoc duties as assigned.

Knowledge, Skills and Ability Requirements:
• Excellent stakeholder management skills and ability to triage matters and set expectations with internal stakeholders on timelines.
• Possess advanced Microsoft Office skills
• Extensive experience in drafting, review and negotiation of high value contracts
• Superior written and oral communication skills
• Must be detail-oriented, able to prioritize, handle multiple tasks, diligently follow-up, and work well under pressure in a fast-moving environment.
• Working knowledge of data management software (such as Agiloft) will be appreciated
• Contract management experience is a plus
• Strong team player with ability to work closely with others
• Ability to exercise sound and independent judgment
• Fluent in English

Key Qualifications
• Bachelor of Law Degree from a reputed university
• Minimum 7 years’ experience in-house, in the manufacturing and/or semicondictor sector
• Experienced in a regional role, prominently in Asian countries like Singapore, Malaysia, Taiwan, China and India
• Ideally reporting to the GC directly and managing senior global stakeholders independently
• Singapore Bar Qualified

At ASM we are committed to supporting our people, enabling them to develop their talents and perform at their best. We actively promote an inclusive and diverse culture that fosters trust and transparency. Our people are our power, and we value the differences between everyone because it is what make us better as a team. By embracing a wide range of perspectives, we enable a culture of continuous exploration and adoption of new ideas. At every step, we know that it is our valued people who enable us to deliver excellent products and service to our clients – and to make a meaningful difference in society.

So join us on our journey and unleash the power of an open mind. Discover how you can be part of our exciting future and apply today! To learn more about ASM, find us at asm.com and on LinkedIn, Facebook, Instagram and YouTube.

Get to know our team:

We are a forward-looking team that is actively shaping the future of technology and society in Southeast Asia.

Grab’s Public Affairs team builds partnerships with the public sector in support of national policy agendas, engage constructively with government and other stakeholders on public policy discussions, and drive initiatives to harness the positive potential of technology to drive impact at scale across Southeast Asia.

The day-to-day activities:

• Develop group strategy and support strategy implementation for Grab’s Public Affairs country teams:
  • Work with Grab’s country public affairs teams to analyse and provide insights on public policy issues, develop positions and advocacy recommendations to advance Grab’s agenda
  • Develop and execute strategic action plans and initiatives related to Grab’s public affairs objectives
  • Orchestrate efforts across different Grab teams to develop and implement a coordinated and robust approach in business operations, to address public policy topics
• Co-drive efforts that seek to strengthen Grab’s thought leadership position on identified topics of interest amongst target public affairs stakeholders:
  • Support research on public policy issues that are at the intersection of technology and society
  • Work with other teams at Grab to execute campaigns that drive thought leadership and dialogues on key topics, e.g. through planning of dialogues, forums, roundtable discussions, policy programmes etc.
  • Develop effective thought-leadership platforms, and maintain a pipeline of digital content (e.g. policy position papers, publications, blog posts, podcasts, op-eds etc.) to catalyse conversations and foster meaningful engagements
• Advance strategic engagements and institutional relations for Grab:
  • Support the building of lasting relationships with external stakeholders that include, but not limited to, governments, policy-makers, academics, NGOs, tech policy representatives from the industry, thought-leaders etc. across Southeast Asia and globally
  • Seek out potential partnership opportunities that help Grab’s public affairs team build bridges between thought-leaders, catalyse new research collaborations, and stimulate lively conversations with the wider community on the intersection of tech and policy

Cyber Security Consultant

• Permanent role

Our Client

• IT professional services company which specializes in software testing, quality assurance and cybersecurity

The Opportunity

We are looking for a highly driven and self-motivated Cyber Security Consultant to participate in a variety of engagements, focusing on targets that may include network equipment, servers, applications, APIs, wireless infrastructures, mobile devices, and other information systems. Using a variety of tools and techniques that may include red teaming, you will have the opportunity to combine technical expertise with your imagination to discover innovative methods with the goal of ensuring customers remain one step ahead of its adversaries.

Hands-on Responsibilities:

• Support the sales by attending security sales meeting (if necessary), effort estimation and provide security testing project timeline
• Develop the security acceptance test plan
• Provide expert technical support during the security testing activities
• Security test preparation, setting-up of testing environment, configuration and installation of the security testing tools
• Perform manual or automated security testing using commercial security testing tools
• Conduct Greybox Testing (Authenticated) and/or Blackbox Testing (Unauthenticated) Penetration Tests
• Conduct Whitebox Testing and Secure Code Review
• Conduct Network and Infrastructure Vulnerability Assessment and Penetration Testing
• Conduct Web, Mobile and Desktop Application Vulnerability Assessment and Penetration Testing
• Find and pinpoint the vulnerabilities of the assess target system / application
• Document and Report the vulnerabilities found in the system
• Provide professional recommendations / advice to mitigate and resolve the vulnerabilities
• Present the security testing results to the relevant stakeholders
• Provide weekly status reporting on the security testing activity progress

Your Background

• Bachelor's degree, preferably in computer science or information systems, or equivalent work experience
• Minimum 3-5 years security experience in a security analyst, engineer, architect, consultant, or a similar role
• Minimum 3 years' professional experience in conducting vulnerability assessment and penetration testing
• Has any of the following required Certifications:
  • CREST Registered Penetration Tester (CREST CRT)
  • Offensive Security Certified Professional (OSCP)
  • Knowledge in conducting security testing with the following guidelines and standards
  • Open Web Application Security Project (OWASP Top 10 Frameworks)
  • Common Vulnerability Scoring System (CVSS)
  • Common Vulnerabilities and Exposures (CVE)
  • Common Weakness Enumeration (CWE) / SANS Top 25 Software Errors
• High proficiency in manual and automated techniques for penetration testing (network equipment, servers, web applications, APIs, wireless, mobile, databases, and other information systems), as well as executing vulnerability assessments (injection, privilege escalation, fuzzing, buffer overflows, etc.)
• Tools - Proxies, Port Scanners, Vulnerability Scanners, Exploit Frameworks (ex: Burp, Nessus, Nmap, Metasploit)
• Strong oral and written communication skills, including a demonstrated ability to prepare quality documentation and presentations for technical and non-technical audiences
• Team Player

Desired Skills and Experience:

• Information Security
• Technical Documentation
• Cyber Security
• Architect
• Wireless
• Technical knowledge
• Penetration Testing
• Compliance
• Mobile Devices
• Testing tools
• Web Applications
• Web Application Security
• Vulnerability Assessment
• Databases

Interested parties please click "Apply Now" or send your CV directly to Maricris Fermin (EA Reg no: R1110126) at Maricris.Fermin@peoplebank.asia.

Peoplebank Singapore Pte Ltd, EA Licence Number: 08C5248.

Summary

The Security consultant is a pivotal technical role essential for facilitating Zero Trust deployment initiatives. This role encompasses conducting thorough gap analyses, proficient project management, and delivering technical advisories. Collaboration with cross-functional regional teams across the Asia-Pacific region is integral to this role. The ideal candidate will exhibit a robust understanding of the Zero Trust framework (CISA Zero Trust Maturity Model and Microsoft Zero Trust Model), possess broad security experience, analytical acumen, and demonstrate a proactive approach to project management. This position will report to HQ.

Skills/Qualifications:

• At least 5+ years of experience in the cybersecurity industry.

• Consulting experience in Cyber domain.

• Proven experience in security engineering, with a focus on Zero Trust deployment.

• Consultation capability in related technology and or related service to customer.

• Great communication and interpersonal skills

• Bilingual (English / Japanese) preferred but not required (proficient English is a requirement)

• Proactive approach to problem-solving and project management, with a strong commitment to achieving objectives and deadlines.

• Project management experience.

Technology Proficiency:

• Core expertise in Microsoft technologies.

• Azure Active Directory (AAD), identity management and MFA

• Microsoft Endpoint Manager

• Network Security, Azure Virtual Network and Azure Firewall

• Data Protection, Microsoft Information Protection (MIP) classifying, labelling, and protecting sensitive data.

Main Responsibilities:

• Overall Security Posture: Support and maintain APAC’s information security strategy and ensure it is aligned with Global security strategy based on Zero Trust

• Zero Trust Deployment Support: Lead and support Zero Trust deployment initiatives, ensuring alignment with organizational objectives and security best practices, Possess a strong background in security with a focus on general high-level knowledge.

• Gap Analysis: Conduct comprehensive gap analyses to identify vulnerabilities and areas for improvement within existing security frameworks in APAC region. Perform APAC’s Information Security Risk Assessment in accordance with the Risk Register Policy and support information security risk assessments for APAC to determine the gaps to reach Zero Trust.

• Project Management: Effectively manage Zero Trust deployment projects, including planning, research, monitoring, and reporting.

• Technical Advisory: Provide expert technical guidance and advisory services to stakeholders, facilitating informed decision-making regarding Zero Trust implementation, although not responsible for implementation, must comprehend the technical aspects of security technology and planning.

• Cross-Functional Collaboration: Collaborate closely with cross-functional teams across the APAC region to ensure seamless integration and alignment of Zero Trust initiatives with broader organizational objectives.

• Documentation: Maintain accurate documentation of Zero Trust deployment processes, procedures, and best practices for reference and future optimization.

Additional General Responsibilities:

• Promote the use of ‘right-sized’ solutions for APAC, including Global Shared Information Security Services, to drive increased standardization and effective use of security resources.

• Promote an information security-conscious culture.

• Collaboratively work with APAC to develop and implement processes that meet Global information policy and standards.

• Support information security activities across APAC (align activities where possible, foster joint plans, etc.).

• Collaborate with APAC’s legal and compliance to ensure APAC is compliant with local information security laws and regulations.

• Support the efforts of APAC’s Security delivery resources to execute to expectations.

• Encourage the development of innovative ideas that solve root causes of identified problems.

• Build and develop cross functional relationships within APAC to engender support of security projects.

• Coordinate technical input and recommendations from GISS to APAC

• Work on global initiatives as part of working groups (e.g.: standards refresh, new technology discussion, etc.)

Please refer to main JD attached. Should you require any further information about this exciting new post please don't hesitate to contact us.

Summary

The Security consultant is a pivotal technical role essential for facilitating Zero Trust deployment initiatives. This role encompasses conducting thorough gap analyses, proficient project management, and delivering technical advisories. Collaboration with cross-functional regional teams across the Asia-Pacific region is integral to this role. The ideal candidate will exhibit a robust understanding of the Zero Trust framework (CISA Zero Trust Maturity Model and Microsoft Zero Trust Model), possess broad security experience, analytical acumen, and demonstrate a proactive approach to project management. This position will report to HQ.

Skills/Qualifications:

• At least 5+ years of experience in the cybersecurity industry.

• Consulting experience in Cyber domain.

• Proven experience in security engineering, with a focus on Zero Trust deployment.

• Consultation capability in related technology and or related service to customer.

• Great communication and interpersonal skills

• Bilingual (English / Japanese) preferred but not required (proficient English is a requirement)

• Proactive approach to problem-solving and project management, with a strong commitment to achieving objectives and deadlines.

• Project management experience.

Technology Proficiency:

• Core expertise in Microsoft technologies.

• Azure Active Directory (AAD), identity management and MFA

• Microsoft Endpoint Manager

• Network Security, Azure Virtual Network and Azure Firewall

• Data Protection, Microsoft Information Protection (MIP) classifying, labelling, and protecting sensitive data.

Main Responsibilities:

• Overall Security Posture: Support and maintain APAC’s information security strategy and ensure it is aligned with Global security strategy based on Zero Trust

• Zero Trust Deployment Support: Lead and support Zero Trust deployment initiatives, ensuring alignment with organizational objectives and security best practices, Possess a strong background in security with a focus on general high-level knowledge.

• Gap Analysis: Conduct comprehensive gap analyses to identify vulnerabilities and areas for improvement within existing security frameworks in APAC region. Perform APAC’s Information Security Risk Assessment in accordance with the Risk Register Policy and support information security risk assessments for APAC to determine the gaps to reach Zero Trust.

• Project Management: Effectively manage Zero Trust deployment projects, including planning, research, monitoring, and reporting.

• Technical Advisory: Provide expert technical guidance and advisory services to stakeholders, facilitating informed decision-making regarding Zero Trust implementation, although not responsible for implementation, must comprehend the technical aspects of security technology and planning.

• Cross-Functional Collaboration: Collaborate closely with cross-functional teams across the APAC region to ensure seamless integration and alignment of Zero Trust initiatives with broader organizational objectives.

• Documentation: Maintain accurate documentation of Zero Trust deployment processes, procedures, and best practices for reference and future optimization.

Additional General Responsibilities:

• Promote the use of ‘right-sized’ solutions for APAC, including Global Shared Information Security Services, to drive increased standardization and effective use of security resources.

• Promote an information security-conscious culture.

• Collaboratively work with APAC to develop and implement processes that meet Global information policy and standards.

• Support information security activities across APAC (align activities where possible, foster joint plans, etc.).

• Collaborate with APAC’s legal and compliance to ensure APAC is compliant with local information security laws and regulations.

• Support the efforts of APAC’s Security delivery resources to execute to expectations.

• Encourage the development of innovative ideas that solve root causes of identified problems.

• Build and develop cross functional relationships within APAC to engender support of security projects.

• Coordinate technical input and recommendations from GISS to APAC

• Work on global initiatives as part of working groups (e.g.: standards refresh, new technology discussion, etc.)

About us

West Sussex County Council provides services to more than 850,000 residents every day and has pledged to change the way it works, do more, embrace its communities and be ambitious. The West Sussex Plan sets out how the County Council plans to shape its services for the next five years. We will focus on:

• Giving our children and young people the best start in life
• Ensuring West Sussex is a prosperous place
• Our communities will be strong, safe and sustainable
• We will support you in later life to remain independent
• We will be a council that works for our communities

For more information about West Sussex County Council and The Public Health and Social Research Unit, please visit our West Sussex JSNA Website page.

West Sussex County Council has a strong commitment to public health and has invested in a dynamic experienced team- all working towards the attainment of improved health and wellbeing of our local people. There is already a strong experienced public health team already in place and we are seeking a public health consultant to join us.

The Opportunity

Salary: £85,000 - £89,000 per annum, up to £8,000 relocation package available
Working Pattern: Full time, 37 hours per week, however applications for job share will also be considered
Location: County Hall, Chichester, with flexibility across other bases/remote working
Interview date: 04 June 2024

We have an exciting opportunity here at West Sussex within our Public Health team, as we are seeking to appoint a Consultant in Public Health who really wants to make a difference in terms of the improvement of the health and wellbeing outcomes of our local people. You will form part of a wider Public Health Consultant team and have generic Public Health Consultant responsibilities agreed with the Director of Public Health, as well as leading on Sexual Health and Health Protection as a specialist area.

What are we looking for?

We are looking for a candidate who possesses strong leadership skills together with a positive attitude who can work flexibly as part of a wider public health team. Whilst not essential, experience of working in a local authority setting, shaping and leading public health initiatives in a political environment is desirable.

Working to our Director of Public Health, you will have responsibility for the development, implementation and delivery of national, regional and local policies, developing inter-agency and interdisciplinary strategic plans and programmes to deliver key public health targets.

You will provide expert public health advice and leadership to support and inform an evidence-based approach for commissioning and developing high quality equitable services, across primary, secondary and social care, and across sectors including voluntary organisations.

For more information on the Key Skills as well as the Qualifications and/or experience required, please refer to the Job Description attached.

Working for us

As well as adding real value to our service users and our communities, as an employer we recognise our employees are central in being able to achieve this. To recognise this we want to help support your development and provide an great place to work ensuring you can fulfil your full potential, have access to a range of benefits including:

• an excellent local government pension scheme
• generous holiday entitlement of 31 days (plus opportunity to buy additional leave)
• a range of flexible working options, depending on your job role
• maternity, paternity, dependency and adoption leave
• volunteering opportunities
• training and development opportunities, including coaching and mentoring
• a range of discounts giving our staff access to hundreds of offers; groceries, travel, cinema tickets, days out, leisure activities, high street retailers and the opportunity to save over £1,000 a year through our West Sussex Choices benefits platform (see our Staff discounts page if you are a business looking to offer a discount)
• health and wellbeing benefits including access to our Employee Assistance Programme, Mental Health First Aiders and Voluntary Health Cash Plans

For a full list this can be found at our Rewards and Benefits page.

Further information

The reference number for this role is CAFHE05111.

For an informal conversation or for further information regarding the role, please contact Anna Christian (Director of Public Health, Executive Assistant) at . For issues or queries regarding your application please contact .

To apply, please follow the links below to upload your CV and Cover Letter. In your cover letter please outline your motivations for applying and explaining the skills and experience you can bring to the role (please refer to the key skills) ensuring that any gaps in employment are covered in your CV. Please ensure you have saved the job description attached to the main advert on our website as, once the job has closed, you may not have the opportunity to download again.

We are committed to safeguarding and promoting the welfare of children, young people and vulnerable adults. This post is subject to satisfactory references, health check and UKPHR/GMC registration.

CC

Get to know our team:

• We are a forward-looking team that is actively shaping the future of technology and society in Southeast Asia.
• Grab’s Public Affairs team builds partnerships with the public sector in support of national policy agendas, engage constructively with government and other stakeholders on public policy discussions, and drive initiatives to harness the positive potential of technology to drive impact at scale across Southeast Asia.

The day-to-day activities:

• Support strategy development and implementation for Grab’s Public Affairs country teams:
  • Work with Grab’s country public affairs teams to analyse and provide insights on public policy issues, develop positions and advocacy recommendations to advance Grab’s agenda
  • Develop and execute strategic action plans and initiatives related to Grab’s public affairs objectives
  • Orchestrate efforts across different Grab teams to develop and implement a coordinated and robust approach in business operations, to address public policy topics
• Support Grab’s thought leadership efforts on public affairs:
  • Support research on public policy issues that are at the intersection of technology and society
  • Work with other teams at Grab to execute campaigns that drive thought leadership and dialogues on key topics, e.g. through planning of dialogues, forums, roundtable discussions, policy programmes etc.
  • Develop effective thought-leadership platforms, and maintain a pipeline of digital content (e.g. policy position papers, publications, blog posts, podcasts, op-eds etc.) to catalyse conversations and foster meaningful engagements
• Advance strategic engagements and institutional relations for Grab:
  • Establish key partnerships with appropriate external stakeholders across government, international organisations, academia, non-profit and private sectors
  • Coordinate between external partners and internal teams to execute on partnership initiatives

Major, Lindsey & Africa is unmatched in the legal talent we attract, the services that we provide and the global reach we possess. With legal recruiting offices in more than 20 major markets across the United States, EMEA and Asia Pacific, we provide in-depth market insights on a global scale that deliver superior results for clients and candidates.

We are currently looking for Legal Consultant to join our team.

Responsibilities include:

• Review, draft, negotiate and advise on a broad range of commercial contracts and legal documents
• Provide legal advise to the business and operational units of the company
• Work and liaise with the various stakeholders within the company
• Perform other related duties as assigned

The ideal candidate would have:

• A Degree in Law or equivalent
• 8+ years PQE and called to the Singapore or a common law jurisdiction bar
• Strong commercial background, with good knowledge of contract law
• A strong team player with interpersonal skills and the ability to collaborate effectively with personnel at all levels
• Excellent verbal and written communication skills with good attention to detail
• Strong organizational skills and adaptable and flexible with regard to activities undertaken

Please apply and we can have a confidential discussion.

Major, Lindsey & Africa (Singapore) Pte. Ltd.

EA License No. 16S8347

EA Registration No. R24121617

For more information on the Key Skills as well as the Qualifications and/or experience required, please refer to the Job Description attached.

Summary

The Security consultant is a pivotal technical role essential for facilitating Zero Trust deployment initiatives. This role encompasses conducting thorough gap analyses, proficient project management, and delivering technical advisories. Collaboration with cross-functional regional teams across the Asia-Pacific region is integral to this role. The ideal candidate will exhibit a robust understanding of the Zero Trust framework (CISA Zero Trust Maturity Model and Microsoft Zero Trust Model), possess broad security experience, analytical acumen, and demonstrate a proactive approach to project management. This position will report to HQ.

Skills/Qualifications:

• At least 5+ years of experience in the cybersecurity industry.

• Consulting experience in Cyber domain.

• Proven experience in security engineering, with a focus on Zero Trust deployment.

• Consultation capability in related technology and or related service to customer.

• Great communication and interpersonal skills

• Bilingual (English / Japanese) preferred but not required (proficient English is a requirement)

• Proactive approach to problem-solving and project management, with a strong commitment to achieving objectives and deadlines.

• Project management experience.

Technology Proficiency:

• Core expertise in Microsoft technologies.

• Azure Active Directory (AAD), identity management and MFA

• Microsoft Endpoint Manager

• Network Security, Azure Virtual Network and Azure Firewall

• Data Protection, Microsoft Information Protection (MIP) classifying, labelling, and protecting sensitive data.

Main Responsibilities:

• Overall Security Posture: Support and maintain APAC’s information security strategy and ensure it is aligned with Global security strategy based on Zero Trust

• Zero Trust Deployment Support: Lead and support Zero Trust deployment initiatives, ensuring alignment with organizational objectives and security best practices, Possess a strong background in security with a focus on general high-level knowledge.

• Gap Analysis: Conduct comprehensive gap analyses to identify vulnerabilities and areas for improvement within existing security frameworks in APAC region. Perform APAC’s Information Security Risk Assessment in accordance with the Risk Register Policy and support information security risk assessments for APAC to determine the gaps to reach Zero Trust.

• Project Management: Effectively manage Zero Trust deployment projects, including planning, research, monitoring, and reporting.

• Technical Advisory: Provide expert technical guidance and advisory services to stakeholders, facilitating informed decision-making regarding Zero Trust implementation, although not responsible for implementation, must comprehend the technical aspects of security technology and planning.

• Cross-Functional Collaboration: Collaborate closely with cross-functional teams across the APAC region to ensure seamless integration and alignment of Zero Trust initiatives with broader organizational objectives.

• Documentation: Maintain accurate documentation of Zero Trust deployment processes, procedures, and best practices for reference and future optimization.

Additional General Responsibilities:

• Promote the use of ‘right-sized’ solutions for APAC, including Global Shared Information Security Services, to drive increased standardization and effective use of security resources.

• Promote an information security-conscious culture.

• Collaboratively work with APAC to develop and implement processes that meet Global information policy and standards.

• Support information security activities across APAC (align activities where possible, foster joint plans, etc.).

• Collaborate with APAC’s legal and compliance to ensure APAC is compliant with local information security laws and regulations.

• Support the efforts of APAC’s Security delivery resources to execute to expectations.

• Encourage the development of innovative ideas that solve root causes of identified problems.

• Build and develop cross functional relationships within APAC to engender support of security projects.

• Coordinate technical input and recommendations from GISS to APAC

• Work on global initiatives as part of working groups (e.g.: standards refresh, new technology discussion, etc.)

Responsibilities:

• Collaborate on building a robust cloud architecture blueprint aligned with business goals and technical needs.
• Spearhead secure cloud practices and drive their widespread adoption across the organization.
• Design, review, and architect cloud solutions, ensuring a secure and constantly evolving cloud environment encompassing compute, storage, network, and applications.
• Become a thought leader, researching disruptive forces shaping digital transformation and cloud security, and strategically integrating their impact into our cloud architecture and security roadmap.
• Partner with subject matter experts to develop and deliver effective cloud security services, achieving optimal business outcomes.
• Consult on cloud security solution deployments, ensuring alignment with the secure cloud architecture and identifying opportunities for improvement to meet both present and future needs.
• Champion cloud security solutions and services alongside product managers, owners, and peers.
• Architect and tailor cloud security solutions to meet unique customer infrastructure, application, and workload needs, balancing business and technical considerations.
• Own the deployment, administration, management, configuration, testing, and integration of cloud security solutions and multi-account cloud architecture across compute, storage, network, and applications.
• Proactively identify, analyze, and address vulnerabilities in cloud security solutions and multi-account cloud architecture.
• Develop and maintain DevOps tools, fostering a secure cloud-based orchestration platform for infrastructure as code (IaC).
• Design, develop, and maintain cloud security solutions for CI/CD pipelines, optimizing the continuous integration, testing, delivery, and deployment processes within agile software development.

Requirementrs:

• 3 – 5 years of experience designing, implementing, and operating within a large enterprise cloud environment. Expertise in cloud technologies, cloud security solutions, infrastructure and network design, servers, storage, and virtualization (especially in architectural or engineering roles) is a must.
• Deep understanding of cybersecurity technologies, practices, operations, vulnerability, and risk management.
• Proficiency and hands-on experience with cloud systems like AWS, Azure, or Google Cloud Platform, coupled with expertise in cloud security technologies like CNAPP, CWPP, CSPM, SASE, and ZTNA. Familiarity with software-defined infrastructure, IaC tools (Terraform, Cloudformation, etc.), and CI/CD pipelines is essential.
• Proven track record of architecting, designing, developing, and maintaining secure, complex, enterprise-grade, multi-account hybrid cloud infrastructure integrated with cloud security solutions.
• The ability to translate business and technical requirements into practical, secure cloud-based architecture and solutions, ensuring compliance with security policies and best practices.
• Strong collaboration skills to thrive in a team-oriented environment, fostering a culture of innovation to achieve organizational goals.
• Certification as a CISSP, CISM, or a related field

Chin, SF

sf.chin[at]jondavidsongroup.com

JonDavidson Pte Ltd

Co. Reg. No. 200709068N. Licence No. 22S1412

Registration Number: R21100141

"Personal data collected will be used for recruitment purposes only"

Our Mission

At Palo Alto Networks® everything starts and ends with our mission:Being the cybersecurity partner of choice, protecting our digital way of life.Our vision is a world where each day is safer and more secure than the one before. We are a company built on the foundation of challenging and disrupting the way things are done, and we’re looking for innovators who are as committed to shaping the future of cybersecurity as we are.

Our Approach to Work

We lead with flexibility and choice in all of our people programs. We have disrupted the traditional view that all employees have the same needs and wants. We offer personalization and offer our employees the opportunity to choose what works best for them as often as possible - from your wellbeing support to your growth and development, and beyond!At Palo Alto Networks, we believe in the power of collaboration and value in-person interactions. This is why our employees generally work from the office three days per week, leaving two days for choice and flexibility to work where you feel most effective. This setup fosters casual conversations, problem-solving, and trusted relationships. While details may evolve, our goal is to create an environment where innovation thrives, with office-based teams coming together three days a week to collaborate and thrive, together!

Your Career

The Senior Consultant on the Offensive Security team is focused on assessing and challenging the security posture across a comprehensive portfolio of clients. The individual will utilize a variety of tools developed and act as a key team member in client engagements. They will be the client’s advocate for cybersecurity best practices and will provide recommendations in this domain.

Your Impact

Conducts periodic scans of networks to find and detect vulnerabilities
Performs client penetration testing to find any vulnerabilities or weaknesses that might be exploited by a malicious party, using open-source, custom, and commercial testing tools
Ability to assist in scoping engagements by clearly articulating various penetration approaches and methodologies to audiences ranging from highly technical to executive personnel
Report generation that clearly communicates testing and assessment details, results, and remediation recommendations to clients
Develop scripts, tools, and methodologies to automate and streamline internal processes and engagements
Conducts IT application testing, cybersecurity tool and systems analysis, system and network administration, and systems engineering support for the sustainment of information technology systems (mobile application testing, penetration testing, application, security, and hardware testing)
Conduct threat hunting and/or compromise assessment engagements to identify active or dormant indicators of compromise (IoCs) using Crypsis and Palo Alto Networks’ threat hunting tools (and/or client owned hunting instrumentation where applicable)
Conduct cloud penetration testing engagements to assess specific workloads (i.e., AWS, GCP, Azure, containers, or other PaaS and SaaS instances) for vulnerabilities and subsequently attempt to exploit identified weakness after receiving permission from client stakeholders
Provide recommendations to clients on specific security measures to monitor and protect sensitive data and systems from infiltration and cyber-attacks including response and recovery of a data security breach
Ability to perform travel requirements as needed to meet business demands

Your Experience

3+ years of professional experience with risk assessment tools, technologies, and methods focused on Infor

mation Assurance, Information Systems/Network Security, Infrastructure Design, and Vulnerabilities Assessments
Demonstrate a deep understanding of how malicious software works (i.e.-malware, trojans, rootkits, etc.)
Ability to modify known and/or craft custom exploits manually without dependence on consumer tools such as Metasploit
Knowledge of tools and techniques used to conduct network, wireless, and web application penetration testing
Familiarity with web application penetration testing and code auditing to find security gaps and vulnerabilities
Knowledge and experience in conducting cyber risk assessments using industry standards
Experience with penetration testing, administering, and troubleshooting major flavors of Linux, Windows, and major cloud IaaS, PaaS, and SaaS providers (i.e., AWS, GCP, and Azure)
Experience with security assessment tools
Knowledge of network vulnerability assessments, web and cloud application security testing, network penetration testing, red teaming, security operations, or 'hunt'
Knowledge of computer forensic tools, technologies, and methods
Assist in the development of internal infrastructure design for research, development, and testing focused on offensive security
Identified ability to grow into a valuable contributor to the practice
Bachelor’s Degree in Information Security, Computer Science, Digital Forensics, Cyber Security, or equivalent years of professional experience to meet job requirements and expectations or equivalent experience required

The Team

Unit 42 Consulting is Palo Alto Network's security advisory team. Our vision is to create a more secure digital world by providing the highest quality incident response, risk management, and digital forensic services to clients of all sizes. Our team is composed of recognized experts and incident responders with deep technical expertise and experience in investigations, data breach response, digital forensics, and information security. With a highly successful track record of delivering mission-critical cybersecurity solutions, we are experienced in working quickly to provide an effective incident response, attack readiness, and remediation plans with a focus on providing long-term support to improve our clients’ security posture.

Our Commitment

We’re trailblazers that dream big, take risks, and challenge cybersecurity’s status quo. It’s simple: we can’t accomplish our mission without diverse teams innovating, together.

We are committed to providing reasonable accommodations for all qualified individuals with a disability. If you require assistance or accommodation due to a disability or special need, please contact us at accommodations@paloaltonetworks.com.

Palo Alto Networks is an equal opportunity employer. We celebrate diversity in our workplace, and all qualified applicants will receive consideration for employment without regard to age, ancestry, color, family or medical care leave, gender identity or expression, genetic information, marital status, medical condition, national origin, physical or mental disability, political affiliation, protected veteran status, race, religion, sex (including pregnancy), sexual orientation, or other legally protected characteristics.All your information will be kept confidential according to EEO guidelines.

Main Role and Responsibilities:

• Monitor systems and report any issues to the Senior SAP Security and Controls Consultant.
• Provide technical support for customer Role implementation and /or Role redesign by assisting customers in defining Roles and remediating potential Segregation of Duty (SoD) conflicts.
• Assist in customer training for SAP security and controls concepts including basic User and Role maintenance, implementing Access Control/SoD tools, etc.
• Provide first-level support for users with security-related problems or questions about the systems administered.
• Provide first-level support for users with security-related problems or questions about the systems administered

Skills:

• At least 8 years of experience in Business Process Consulting, problem definition, Architecture/Design /Detailing of Processes.
• Security expertise in SAP S4HANA, HANA, FIORI, ECC / CRM / BW / BIBO / EP / CUA / BOBJ / GRC (hands-on experience in min 3 systems – for example ECC, GRC, and S4HANA).
• Experience in Process control & automation will be an added advantage.
• Team leading / Management Experience, resource planning, issue resolution, weekly status reports, and timesheets.
• Experience in SoD.