Hong Kong, Hong Kong SAR
Cybersecurity & Data Protection Services
• Led business development initiatives for technical testing, security risk assessments and privacy compliance across industries such as luxury retail, financial services, telecommunications • Managed penetration testing projects with hands-on involvement
Security and Privacy, Technology Consulting • Conducted privacy compliance with gap analysis and maturity assessments leveraging NIST Privacy Framework, General Data Protection Regulation (GDPR) and Data Protection Principles (DPP) • Conducted security assessments, such as GL20 assessments for insurers, security review with NIST CSF and security audit • Conducted penetration testing across various domains including web applications, network infrastructure and API security to clients in financial service, luxury retails and telecommunication • Spearheaded multiple security and privacy assessment projects as the field lead, overseeing end-to-end execution, client communication, and delivery of compliance recommendations aligned with industry standards
• Conducted vulnerability assessments and penetration testing to identify vulnerabilities in the organization's systems and applications. • Conducted governance, risk, and compliance (GRC) assessments to identify and remediate risks by identifying areas of improvement related to cybersecurity and other areas of the organization. • Performed penetration testing to identify vulnerabilities and recommend measures to improve the security posture of the organization's IT infrastructure. • Maintained up-to-date knowledge of emerging cybersecurity threats and technologies to ensure the organization's security posture remains effective and resilient.