Pursue a Career with Impact

At Deloitte China, we are on a mission to nurture and empower our people to become deep subject matter experts. We offer the perfect platform to unleash your full potential and equip you to thrive on challenges, and partner with our clients to solve their most complex problems. A world of opportunities awaits. Start your adventure and journey with us.

About The Business

Risk Advisory

Trust, resilience and security connecting for enduring success and responsible business

With competencies encompassing capital markets, control assurance, contractual exposure and insurance claims, and security services, our RA professionals offer a wealth of experience across a spectrum of industries. This is a great place to build a career and make an impact that really matters.

By taking a Risk Intelligent approach, Risk Advisory provide powerful, practical solutions in cyber, strategy, regulation and controls, backed by deep business knowledge across multi-disciplinary teams, helping clients worldwide take the opportunity to connect trust, resilience and security for more positive outcomes. Risk Advisory helps ensure success that enables sustainable growth, inspires positive societal impact and creates a more responsible business. When you join Risk Advisory, you can be sure of access to these solutions and experiences, as well as opportunities in our different services lines, all wrapped in a high tech environment with a high touch approach to career development that ensures you reach your full potential. Whichever service offering you work in, your skills and experience will be highly valued

Cyber & Strategic Risk

We help clients address various aspects of Cyber and other strategic risks to their organizations to inform risk-based strategic choices, prepare to respond to disruption, assess and manage full-lifecycle enterprise risks, as well as strategize and respond to risks associated with the reliability and protection of data, associated processes and technology. We provide advisory and managed services to help senior executives spot, assess, manage, and respond to risks and/or catastrophic unforeseen incidents that could undermine their competitive position or jeopardize their critical assets, reputation and/or financial standing. Offerings include:

• Cyber;
• Crisis & Resilience;
• Strategy, Brand and Reputation;
• Climate and Sustainability;
• Extended Enterprise
  
  

Our objective is to help clients develop and implement strategies for IT risk management and aim to help clients find the appropriate balance between risk management and cost containment. Our integrated solutions covering: Cyber Strategy, Cyber Security, Cyber Vigilance, Cyber Resilience.

Work you'll do

• Contribute/lead to attack and penetration testing engagements to identify security weaknesses within client's business environments, report on issues and make remediation recommendations
• Position as a subject matter expert to help support and mentor other team members
• Respond to client requests, anticipate client needs, and suggest solutions using innovative approaches
• Involve in all aspects of security and vulnerability management engagements which include but are not limited to:
• Network and host vulnerability assessments and penetration testing
• Web application vulnerability assessments and penetration testing
• Source code security reviews assisted by automated tools
• Exploit research and development skills are a plus
• Social engineering and physical penetration testing against facilities and sites are a plus
• Firewalls, IDS / IPS, and other security device configuration review are a plus
  

During your tenure with us, you will demonstrate and develop your leadership and professional capabilities in the following areas: Inspiring, Creating purpose, Driving agility, Building diverse capability, Influencing, Collaborating, Delivering value, Building the business, Analytical acumen, Effective communication, Engagement management/delivery excellence, Managing change, Managing quality & risk, Sales excellence, Strategic thinking and problem solving, and Tech savviness.

We are looking for someone with

• Bachelor degree or above in computer science, information and communication technology, information systems, risk management or other related disciplines
• Holder of the following qualification preferred:
• Offensive Security Certified Professional (OSCP) or other Penetration Testing related certifications
• At least 1 year of experience in penetration testing, vulnerability assessment or other types of security assessments
• Hands on experience in web applications penetration testing
• Ability to understand and assess applications from both technical and business perspectives, and to explain technical vulnerabilities in terms of business risks
• Subject matter expertise in one or more of the followings:
• Networking: LAN, WAN, MPLS, VPN, Load Balancers/ Reverse Proxies, and other networking technologies
• Security equipment: Firewalls, IDS/ IPS, SIEMs, End-Point Protections etc
• Storage Technologies: MS-SQL, Oracle, DB2, MySQL, PostgreSQL, MongoDB, Cassandra, Redshift, Aurora, Redis, Mamcached, etc
• Reverse engineering
• Web applications
• Exploit development
• Application vulnerability assessment
• Mainframe systems
• Mobile platforms (iOS, Android, etc.)
• Social engineering
• Malware development and red teaming
• Perform penetration testing, particularly on novel devices and environments innovatively and analytically
• Capable of working to strict deadlines and prioritizing work appropriately
• Able to develop scripts or code to automate testing and develop bespoke attacks
• Ability to work well independently and be comfortable leading a team within client engagements
  
  

Shape your future through impact that matters

For more than 100 years of history, Deloitte witnessed also had the honor to be part of the economic boom in China by providing industry-leading audit & assurance, consulting, risk advisory, financial advisory, tax & business advisory services to nearly 90% of the Fortune Global 500 Chinese companies and thousands of private companies. Deloitte China today carries on our centenary professionalism and strives to become the undisputed leader in professional services in China with strong responsibility and capabilities in digitalization and multidisciplinary services.

Deloitte has been named China's Top Employer since 2006, Universum's Most Attractive Employer in China since 2008, and the Best Workplaces in Greater China since 2019.

All qualified applicants will receive consideration for employment regardless of their background, experience, identity, ability or thinking style, and if you need assistance during the application process for accessibility reasons this is available upon request. The preferred candidate will be subject to background screening by Deloitte China or by their external third-party provider.

Ready to take on new challenges? Apply Now!

Stay connected for the latest career opportunities, follow us on Deloitte China Social Media.



Why Deloitte China?

Deloitte China delivers a comprehensive range of audit & assurance, consulting, financial advisory, risk advisory and tax services to local, multinational and growth enterprise clients in China.

We are the world's largest professional services firm that changes the world, we lead with purpose and shared values.

We are the market leader with digital and innovative solutions , we create values for client through our multi-disciplinary services.

We are recognized as Top Employer in China by the Top Employers Institute* for 14th consecutive years, and made the top 3 for the first time this year!

We are certified as one of the ‘Best Workplaces™ in Greater China by Great Place to Work® in 2019

All applications applied through our system will be delivered directly to the advertiser and privacy of personal data of the applicant will be ensured with security.