Roles and responsibilities - 

We are seeking a number of Cyber Security Risk Advisory Senior Associates to join our practice, to respond to strong demand-led growth. The core responsibilities of this role include, and for a few can be trained to achieve: 

• Overseeing and assessing cyber security program maturity and capabilities / performing gap assessments against industry frameworks / control testing using audit methodology;  

• Overseeing and assessing compliance with regulatory requirements and deliver report that identifies compliance or gaps; 

• Overseeing and assessing Third Party Risk Management (TPRM) capabilities across the TPRM lifecycle, from initial planning and due diligence to ongoing monitoring and termination of vendors; 

• Executing benchmarks using tools and reporting outcomes against industry standards; 

• Leveraging analytical and research skills in preparing materials; 

• Overseeing preparation of materials (reports, presentations, spreadsheets, etc.) to help enable informed decision making;

• Overseeing the development, review, ongoing maintenance and development of security policies, standards, processes, procedures and requirements; and

• Facilitation of meetings, walkthroughs to document understanding of current processes.

Required Skill Set - 

Demonstrates thorough knowledge and/or a proven record of success in:

• Providing industry-leading practices in cyber security and regulatory compliance, including knowledge of common industry frameworks such as ISO 27001, NIST CSF, and PCI DSS;

• Executing cyber security audits and assessments of an effective cyber security program; 

• Good understanding of the various cyber security concepts such as policy, standards, cyber governance, risk, controls, access management, etc.

• Ability to define cyber security policies, standards, and procedures; 

• Managing and overseeing projects involving information security, technology risk management, cyber security or cyber risk management;  

• Understanding standard industry practices involving third party risk management regulations, risk assessments and business processes; 

• Preparing concise and accurate documents, leveraging and utilizing MS Office and Google Suite to complete related project deliverables; 

• Managing project financials in line with agreed-upon budgets; 

• Leveraging creative thinking, problem solving and individual initiative; 

• Collaborating with clients and building relationships with clients;

• Attention to details in executing and reviewing work products to establish the highest quality deliverables in the allotted time frame; 

• Independently managing and prioritizing workload;

• Creating a positive working environment by monitoring and managing workloads of the team - balancing client expectations with the work-life quality of team members; 

• Keeping leadership and engagement management informed of progress and issues; and

• Ability to adapt to and communicate with different working styles.

Education / Qualification - 

Would ideally include at least one of the following:

• Bachelor's degree in Computer Science, Digital Innovation Management, Business Administration, Cybersecurity, or Information Technology

• Master’s degree in Cyber Security, Information Security or Computer Security

• CISSP

• CISM

• CISA

• ICS2

• IISP

• ISO 27001 Lead Auditor