Security Consultant

Why Join Us

As the world's leading vendor of cyber security, facing the most sophisticated threats and attacks, we have formed a global team of the most driven, creative and innovative people. At Check Point, our employees are redefining the security landscape by meeting our customers real-time needs and providing our cutting-edge technologies and services to an ever-growing customer base.

We are seeking an Enterprise Security Architect (ESA) to join our Infinity Global Services (IGS) team. If you are a seasoned security advisor and hands-on in delivering security services to mitigate customers security risks, do explore this opportunity!

Check Point Software Technologies has been recognized by Forbes as one of the World's Best Places to Work four years in a row (2020-2023), ranking among the top 50 companies across the globe in the IT category and in 2024 we are recognized as one of World's Best Companies by Statista and TIME. Check Point has also been named to Forbes list of World's Top Female-Friendly Companies.

If you want to make the world a safer place and join an award-winning company culture you belong with us.

Key Responsibilities

Your Impact & Responsibilities

• Possess recent and hands-on knowledge of threat actor tactics, techniques, and procedures that are needed to support the technical aspects of red-, purple-, and blue-teaming exercises and communicate attack simulation scenarios (e.g., gaining domain admin privileges, data exfiltration, and/or simulating ransomware attacks) with customers effectively throughout technical projects (e.g., red-teaming, TIBAS, iCAST readiness), ultimately assessing the security posture of customers networks and identifying security misconfigurations and vulnerabilities that allow the active exploits.
• Familiarize with industry security frameworks and regulatory cybersecurity guidelines such as MITRE ATT&CK, TIBAS, iCAST, NIST CSF 2.0, ISO27001:2022, CIS, GL20, Protection of Critical Infrastructures (Computer Systems) Bill, etc., having the ability to support attack-based assessments and/or to perform a wide range of control-based security assessments in accordance with one or multiple frameworks as an independent contributor and in a team setting.
• Have deep understanding of complex IT systems and operations and industry trends to identify vulnerabilities, source the information that is relevant to the audience and communicate findings to customers and internal stakeholders through written and verbal presentations and reports.
• Possess expert knowledge in IT infrastructure, security operations, and key components of information security domains such as access controls, remote access, incident response and recovery, cyber resiliency, risk management, network security, information security policies and procedures, Cloud computing, active directory, SOC, SIEM, DevSecOps, etc.
• Have strong abilities in understanding customers technical and operational requirements and accurately include them in SOWs, technical proposals, and all customer-facing documents.
• Demonstrate exceptional technical expertise and fast adaptability in new knowledge to projects.
• Perform technical project management, establish project milestones according to customer expectations, and hold customers and internal teams against the milestones to minimize project delays.
• When project-managing attack simulation tests, communicate with customers, internal teams (e.g., pen testers), other stakeholders effectively, skillfully managing the risks associated with the attack simulation testing performed in the production environment but balancing benefits from Check Point pen testers APTs and active exploits as we see in realistic threat scenarios.
• Interact with customers during presales and delivery stages and provide high-quality supporting documents (e.g., presentation decks and reports) that accurately incorporate customers feedback.
  
  

Qualifications

Qualifications

• A minimum 12 years of experience in security operations and/or security advisory and consultancy, having both hands-on experiences in technical execution/understanding of red-team, blue-team operations, network administration as well as the abilities to accurately articulate these complex concepts to technical and non-technical customers.
• Information technology, computer science or related university degree.
• A fast learner who learns, speaks about, and applies new cybersecurity knowledge in presales and delivery activities, demonstrating IGS's expertise and leadership in security services in Hong Kong market.
• Professional certification such as CREST certs, CRTO, CISM, CISA, CRISC, CISSP, CISP, etc.
• Proficiency in written and verbal technical and non-technical communications.
• Proficiency in written and spoken English, Cantonese and Mandarin.
  
  

Soft Skills

• Have strong analytical skills and the ability to understand and document customers intents and requirements based on both either clear or fuzzy comments provided by customers during discussions.
• Accept constructive feedback and implement changes right away to drive better results.
• Pay close attention to details and aim at producing high-quality work outputs that require minimal corrections.
• Have strong self-awareness on one's actions affecting the project delivery as a whole and reach out for help promptly to minimize negative impact on projects.
• Solve problems promptly as they arise with customers.
• Demonstrate sound judgements in managing customers and internal teams.
• Have the ability to handle multiple competing tasks and projects and demonstrate resiliency under pressure.
• Ability to influence customers and internal stakeholders and compromise as needed to achieve a win-win situation.
• Demonstrate strong integrity and professionalism in team settings.