Talent.com
Tawaran kerja ini tidak tersedia di negara anda.
Senior Consultant- Digital Risks

Senior Consultant- Digital Risks

Control RisksKuala Lumpur, Federal Territory of Kuala Lumpur, MY
2 hari lalu
Jenis pekerjaan
  • Quick Apply
Penerangan pekerjaan

We are seeking a highly skilled and motivated Senior Consultant- Cyber Assurance to join our growing cybersecurity assurance team. In this role, you will lead and deliver high-impact cyber risk and assurance engagements, helping clients navigate regulatory requirements, manage information security risks, and enhance their cybersecurity posture.

You will play a key role in project delivery, client engagement, and mentoring junior staff, while also contributing to the development of new service offerings and best practices.

Tasks and responsibilities :

The Senior Consultant will take responsibility for individual and client-facing outputs in the following areas :

Delivering digital risk and cyber security engagements

  • Lead and manage cyber assurance projects including IT audits, risk assessments, ISO 27001 readiness, SOC 2, NIST, PCI-DSS, and other compliance frameworks.
  • Design, assess, and implement cybersecurity controls in line with regulatory requirements and industry best practices.
  • Perform cybersecurity maturity assessments and develop tailored improvement roadmaps.
  • Guide clients through internal and external audit processes, including preparation, audits, testing, and remediation planning.
  • Identify control gaps and recommend practical, risk-based solutions aligned with business objectives.
  • Produce high-quality deliverables, such as risk reports, gap assessments, audit reports, and executive summaries.
  • Build strong client relationships, acting as a trusted advisor on cybersecurity and risk issues.
  • Support business development efforts, including proposals, presentations, and thought leadership.
  • Mentor and supervise junior consultants, promoting a culture of knowledge sharing and continuous learning.

Business development & practice growth

  • Identify opportunities for additional services during engagements and contribute to proposal writing and client presentations.
  • Assist in developing new service offerings, market insights, and go-to-market strategies for the cyber assurance practice.
  • Participate in industry events, webinars, or networking opportunities to represent the firm’s cyber capabilities.
  • Requirements

    Required Qualifications :

  • Bachelor’s degree in Cybersecurity, Information Technology, Risk Management, or a related field (or equivalent experience).
  • 5+ years of experience in cybersecurity, risk management, or IT auditing
  • Demonstrable expertise leading the delivery of assessments based on cybersecurity standards and frameworks such as NIST CSF 2.0, IS27001 and 27002, SOC2, Center for Internet Security (CIS) best practices, PCI-DSS, CSA Cloud Controls Matrix, GDPR, HIPAA, HITRUST, etc.
  • Hands-on experience with tools and platforms used for cyber risk assessments, vulnerability scanning, and audit processes
  • Strong understanding of information security domains such as access control, encryption, vulnerability management, network security, and incident response.
  • Evidence of supporting clients overcome cybersecurity challenges in a broad array of sectors which may include, but is not limited to : Technology, Financial Services, and Retail.
  • A deep understanding of governance, standards, and compliance as they pertain to cyber security.
  • Ability to analyze complex security data and translate findings into industry specific recommendations.
  • Desired Skills :

  • Certifications : CISSP, CISM, CRISC, CISA, SCP, CCNP, ISO 27001 Lead Auditor or other relevant security or risk management certifications.
  • Experience working in a global organization and understanding of the challenges involved in managing risks across multiple jurisdictions.
  • Project management skills to manage multiple assessments, stakeholders, and deadlines effectively.
  • Strong communication skills, both written and verbal, with the ability to present complex technical information to non-technical audiences.
  • Knowledge of cloud security, supply chain security, secure software development, encryption standards, security tools, and emerging threats related to third-party relationships.
  • Buat amaran kerja untuk carian ini

    Senior Consultant • Kuala Lumpur, Federal Territory of Kuala Lumpur, MY