Cyber Security Senior Consultant - Risk & Assessment (Supervisor Level)

At KPMG, we offer fascinating, challenging and well rewarded careers.


Responsibilities:

  • Performs security and/or risk assessments in a fast-paced environment along with providing timely and practical recommendations to mitigate the identified risks
  • Performs security and/or risk assessments aligned with industry standards (ISO 27001/2, NIST, CIS, PCI DSS, SWIFT CSP), regulatory requirements (BSP circulars and others), and best practices
  • Performs maturity assessments in cyber security and information technology
  • Participates in discovery workshops with other consultants and key stakeholders, both in IT and other business units
  • Participates in project presentation for client project team and other key stakeholders
  • Facilitates Security Training and Awareness

 

Qualifications:

  • Graduate of Bachelor of Science in Information Technology or related courses
  • Has at least 3 years of experience in security assessments (Third Party Security Risk Assessments, ISMS/NIST Assessment, SOC 2 Type 2 Assessment, RCSA, Configuration Review, Architecture Review, Controls Review) (Mandatory)
  • Has facilitated at least one (1) IT Risk Assessment project
  • Has working experience in Data Privacy (PDPA, GDPR, DPA of 2012) and in Security Awareness and Training
  • Specific 1-year experience in consulting/advisory engagements (preferred)
  • Strong knowledge in IT Audit/Assessments and/or Maturity Assessments
  • Strong knowledge of information security standards and guidelines such as ISO 27001/2, NIST, CIS, PCI DSS and SWIFT CSP
  • Understanding of local regulations (BSP circulars)
  • Understanding of Cloud Compute, Storage, Security and Virtualization best practice
  • Preferably has at least one of the following certifications:
    • ISC2 CISSP
    • ISMS LA/LI
    • ISACA CISA or CRISC
    • Relevant certifications for PCI DSS, SWIFT, HITRUST and other industry security standards/guidelines
  • Good analytical, communication, interpersonal, and presentation skills