CMA Consultant

Job Description : Cyber Maturity Assessment Consultant

Team : Security Consulting

Designation : Cyber Maturity Assessment Consultant

Job Role : Run Cybersecurity Maturity Assessments (CMA / SMA) and risk evaluations for

customers, aligned with industry frameworks to enhance client security posture and operational resilience.

Experience : 5+ years in cybersecurity consulting, focused on cyber maturity assessments, risk management, and compliance programs.

Job Location :  Cyberjaya

Shifts : Day Shift. However, flexibility is required to provide extended support and be available on-call when needed.

Key Responsibilities

Cyber Maturity & Risk Assessments

Conduct comprehensive CCyber Maturity Assessments for clients, aligned with frameworks such as NIST CSF, ISO 27001, CMMI, and COBIT.

Perform risk assessmentsboth qualitative and quantitativeto prioritize vulnerabilities and recommend mitigation strategies.

Evaluate third-party and supply chain security exposures.

Strategy & Advisory

Analyse and Discover gaps in the Cybersecurity Technologies, People and Processes for clients

Develop cybersecurity roadmaps to improve clients’ maturity and governance structures. Recommend enhancements to cyber operating models and organizational alignment. Deliver executive-level reports and gap analyses with clear business impact insights.

Client Engagement & Training

Facilitate workshops to train clients on cybersecurity best practices and self-assessment techniques.

Mentor junior consultants on methodologies, report creation, and client communication. Support business development initiatives, including proposal writing and client presentations.

Compliance & Certification Provide guidance for ISO 27001 / 20000-1 certification and audit readiness. Ensure alignment of security programs with standards like NIST 800-30 and ISO 27005.

Work Experience

5+ years of hands-on experience in cybersecurity consulting. Demonstrated history of executing cyber maturity reviews and third-party risk assessments. Demonstrated success in leading end-to-end client engagements, from scoping to delivery of

assessment reports. Proven ability to work cross-functionally with IT, Risk, and Compliance teams to align

cybersecurity efforts with business priorities. Delivered executive-level briefings translating technical assessment findings into strategic,

business-aligned recommendations.

Qualifications

Bachelor’s / Master’s degree in Cybersecurity, Information Security, or a related field. Essential Technical Skills

In-depth understanding of NIST CSF, NIST RMF, COBIT, ITIL, and ISO 31000. Familiarity with cybersecurity governance models and risk assessment tools.

Certifications

CRISC, ISO 27001 LA, CC (ISC)², or equivalent certifications.

Desired Skills

Strong analytical, communication, and presentation skills. Experience in financial services, insurance, or critical infrastructure sectors. Ability to lead and mentor team members effectively.

Performance Metrics

Client satisfaction scores and feedback. Number and quality of assessments completed annually. Contributions to proposals and business development success.

• Skillset Required : Iso 31000, Risk Assessment, Iso 27001, Cmmi, Presentation Skill, Information Security, Insight, Compliance, Methodologies, Resilience, Business Development, Itil, Multimedia, Cybersecurity, Technical Skill, Technical Skills, Strong Analytical