Analyst / Senior Consultant - Enterprise IT Transformation / Technology Risk / Cybersecurity - Risk Advisory - Hong Kong

  • Competitive
  • Hong Kong
  • Permanent, Full time
  • Deloitte Touche Tohmatsu
  • 14 Dec 17 2017-12-14

Analyst / Senior Consultant - Enterprise IT Transformation / Technology Risk / Cybersecurity - Risk Advisory - Hong Kong

Deloitte China

The Deloitte China network of firms, backed by the global Deloitte network, deliver a full range of audit, consulting, financial advisory, risk advisory and tax services to local, multinational and growth enterprise clients. We are one of the leading professional services providers in this marketplace with 21 offices in Beijing, Hong Kong, Shanghai, Changsha, Chengdu, Chongqing, Dalian, Guangzhou, Hangzhou, Harbin, Hefei, Jinan, Macau, Nanjing, Shenyang, Shenzhen, Suzhou, Tianjin, Ulaanbaantar, Wuhan and Xiamen in China. 

The Deloitte purpose is about making an impact that matters to our clients. Our extensive service spectrum enables us to help clients become leaders wherever they choose to compete. Deloitte is committed to investing in our people and empowers them to achieve more than they could elsewhere. Our work combines advice with action and integrity. We believe that when our clients and society are stronger, so are we. 

To learn more about how Deloitte makes an impact that matters in the China marketplace, please connect with our Deloitte China social media platforms via 
About Risk Advisory

Risk management covers many areas including security and privacy, reputation and control. Our professionals help clients across many industries flag, analyze, evaluate and manage strategic and operational risks while discovering opportunities to create value. If you want to make an impact by helping clients to prevent and manage risk-related issues while creating significant value to their business this may be your chance. 

Business Risk team offers enterprise risk management and governance services, strategic risk advisory services, internal control consulting service, contract risk & compliance services, crisis management services, treasury management services for our clients from various industries, mainly focus on energy & resources, manufacturing, real estates, consumer business, pharmaceutical, and TMT industries. 

Technology Risk team helps our clients to improve business confidence, manage and address information technologies related risks and ensure early warning mechanisms are in place through providing comprehensive information technologies related risk consulting services for a wide industries. 

Financial Services Industry team offers the structured enterprise risk management solutions to our clients under the regulation requests of China's financial regulatory authorities, associating our professional analytical skills with our understanding of the clients and the market. Nowadays the team mainly focuses on the service to global financial industry, including banks, securities, insurance, investment sectors and so on. 

Automotive Advisory Service focus on auto industry to provide strategic, operation and risk management consulting for our clients.
Adoption of technologies and embracing digital transformation are vital for businesses of all sizes to survive and thrive in the marketplace. As a trusted partner, we provide professional services that can deliver value to our clients. We lead and assist our clients to ensure maximum benefits are enjoyed with associated risks being managed properly. Our team is currently looking for motivated individuals who are looking for progress to join. You will have ample opportunities to work with experienced colleagues and participate in existing projects to develop your career and grow your skills. 

To deliver real changes to our clients, we provide end-to-end solutions and services to our clients. Our team will advise our clients from strategy and planning pertaining to technology enablement, risk management, IT governance, compliance and cybersecurity; solution design and implementation; to managed services including on-going technology management, operation, monitoring and incident response. 

You may participate in the following activities: 

  • Conduct assessment and benchmarking with industry best practices pertaining to IT management, information security and cyber security;
  • Perform business requirement studies, evaluate technology options to address business needs, and improve operation efficiency;
  • Work with multi-level of our clients from C-level executives, senior and management staff to on-the-ground professionals;
  • Conduct workshop and interviews;
  • Establish governance framework for our clients including strategies, organizations, policies, processes, standards and guidelines, etc.;
  • Review and analyse client's IT environment from infrastructure, databases to applications;
  • Review and analyse client's existing workflow and business processes;
  • Work with internal teams to deliver complex engagements both locally and overseas;
  • Professionally advice and work with client's IT team to design best-of-breed solutions to our clients;
  • Work closely with your team leaders and members on project delivery which includes but not restricted to research, analysis, advice and implementation;
  • Candidates with less experience could be considered for Analyst role. 


  • Degree holder in IT/risk/computer science/engineering or related disciplines, preferably with information security or IT solutions implementation experience;
  • At least 3-5 years' experience preferably from consulting firms/global system integrators/large enterprises' project teams;
  • Practical experience on one or more of the following domains: 
    o Information security 
    o Cyber security 
    o IT service management 
    o IT optimization 
    o Information management 
    o Digital transformation
  • Particular industry experience will be an advantage (e.g. banking and finance, aviation, transportation, property development, pharmaceutical, etc);
  • Professional qualification holder will be an advantage: ITIL, OSCP, CISSP, CISA, CISM, CEH, ISO27K, COBIT, PMP, CIPT, CIPM, CBCP, ABCP, etc.
  • Familiar of any of the following technologies would be an absolute advantages: 
    o GRC tools 
    o Security controls like firewalls, proxies, segmentation, VPN, IDS/IPS, application firewalls, database controls, encryptions. 
    o IOT/Mobile technologies and related security best practices. 
    o Cloud technologies and its operation and security best practices 
    o Data loss prevention solutions 
    o Identity and assess management solutions 
    o SIEM 
    o CASB 
    o SOC design, build and operation.
  • Strong analytical mind and problem solving skills.
  • Good communication and presentation skills;
  • Good command of spoken and written English and Chinese. Mandarin is an advantage;
  • Willing to learn and adaptive to changing environments;
  • A good team player with good interpersonal and communication skills; 

Deloitte Touche Tohmatsu in Hong Kong is the DTTL member firm in China. Deloitte China practice operates in Mainland China, Hong Kong and Macau through Deloitte Touche Tohmatsu in Hong Kong and its affiliates including Deloitte Touche Tohmatsu Certified Public Accountants LLP in Mainland China, Deloitte Touche Tohmatsu and Deloitte Touche Tohmatsu – Sociedade de Auditores in Macau. Deloitte Touche Tohmatsu in Hong Kong and its affiliates operating in Mainland China, Hong Kong and Macau are collectively referred to as Deloitte China.