Security Consulting Services eyes seasoned IT experts

Various cases of public and private organisations leaking personal data, most notably the Octopus privacy scandal in Hong Kong, has alerted corporate and government departments to the importance of having strong IT security to safeguard personal data.

With surging demand for stronger IT systems protection, security specialist Security Consulting Services is recruiting engineers and consultants to beef up its team of experts.

Managing director Chester Soong is seeking experienced people to join the company. “We are hiring two security engineers and two security consultants. The positions will mainly involve IT auditing, which helps clients evaluate their IT security system,” he says.

IT security is a rather demanding job and Soong is looking for experienced staff. “In IT auditing, the focus is on looking for flaws in the system. It requires staff with an in-depth understanding of programming, so I don’t think it is something a fresh graduate can handle. Candidates must be university graduates with IT-related working experience,” he says.

For the engineering posts, Soong is looking for people with at least two years’ IT experience. “The position is a junior post. He or she will be put in charge of collecting data from clients during the IT audit process. I expect the candidates to be motivated individuals able to work independently, with a knack for problem-solving.

“Engineers spend time in the client’s office collecting data. Sometimes the client might not be able to provide all the information and the engineer has to be proactive in digging out the necessary data for an audit. There is not much supervision of engineers when they are at client’s offices so they must be able to work on their own,” Soong says.

The post of consultant is a senior position requiring a minimum of five years’ IT experience, with at least three related to security.

“The consultant needs certificates in IT security such as Certified Information Systems Security Professional (CISSP) and Certified Information Systems Auditor (CISA). Having other certificates in IT products is also an advantage,” says Soong.

The job of a consultant is to analyse the data collected by engineers and produce reports for clients.

“Engineers are expected to have strong report-writing skills and they have to be confident presenters. Presenting the findings of their report to senior management of a company is an important part of the job,” says Soong.

“On many occasions, they will give presentations to people who do not have an IT background, so they have to be strong communicators to get their message across. We are looking to promote our engineers to consultants in the future, so less experienced candidates applying for the position of engineer who can demonstrate strong interpersonal skills will definitely have an advantage’” Soong adds. 

The company serves a wide variety of clients. “We work on a lot of government projects. When working with the government, there are a number of guidelines that we need to follow, which makes the job a little more complicated. Financial institutions that handle loads of personal client data are also major users of our services. There is also business from design companies that need to safeguard their designs and other trade secrets,” says Soong.

He points out that the business world is putting greater emphasis on boosting IT security to win customers over. “People are aware of privacy issues and want to use the services of a company that is able to provide sound protection for their personal data. There is a huge incentive for businesses to strength their IT security and that brings us business opportunities,” he says.

Soong says staff can expect an open culture at Security Consulting Service.

“We are not a big company. The head count is less than 10, staff can access me easily and the company works closely together,” he explains.

The company encourages staff to attend various conferences and seminars to keep up to date with the latest technology. “Every month, there are various seminars on IT security and our staff have a chance to attend. There is also training on products from different providers, which we also send staff to join,” says Soong.

Helping staff gain professional qualifications is also a priority. “We provide financial aid to help boost the professional qualifications of our staff. There are various professional certificates related to IT security and we support them in getting those certificates,” says Soong.