Job
Description
Role & RESPONSIBILTY Conduct thorough and detailed cyber risk assessments for our clients, analyzing their digital infrastructure, systems, and security controls. Perform risk assessments on various applications, services, and infrastructure components. Collaborate with cross-functional teams to gather essential information and data required for comprehensive risk assessments. Evaluate and interpret assessment results to identify potential vulnerabilities and risks and provide actionable recommendations for risk mitigation. Stay up to date with the latest cyber threats, attack vectors, and industry best practices to enhance the effectiveness of risk assessments. Prepare and deliver clear and concise reports summarizing the findings of risk assessments to clients and internal stakeholders. Provide expert advice and consultancy to clients, guiding them in implementing robust cybersecurity risk management strategies. Mentor and support junior team members to foster their professional growth and skills in cyber risk. Establish and sustain long-term profitable client relationships that drive value creation, delivery excellence and a positive client work environment. Manages client expectations and client satisfaction. Acts as an advisor and partner to the client. Design, develop and implement business strategies for clients to implement new and different approaches to business based on the innovation approach. REQUIREMENTS: A minimum of 4+ years of hands-on experience in conducting cyber risk assessments and related security assessments. Industry certifications such as CISSP, CCSP, CISA, CISM, CRISC, ISO/IEC:27001/22301/20000 LI/LA or equivalent are highly valued. Profound knowledge of cybersecurity frameworks, industry standards, and best practices. Proficiency in using various security assessment and techniques. Conceptual knowledge of OT security (OT systems and networks), ISA/IEC 62443 standard is preferable. Ability to apply knowledge of cyber security to OT/SACAD systems to implement new cyber defence/resiliency technique. Working knowledge of cybersecurity policies and standards using NIST 800-82 and IEC 62443. Strong analytical and problem-solving skills, with the ability to think critically and strategically. Excellent communication and presentation skills, capable of effectively communicating technical concepts to both technical and non-technical audiences. Demonstrated experience in project management and handling multiple assessments simultaneously. A proactive and self-motivated approach to work, with a commitment to continuous learning and professional development. Network Security, infrastructure assessment and network architecture design review. Knowledge on GDPR/PCI-DSS/NIST/Privacy Hands on experience on technologies like Zscaler, networking devices, cloud computing is preferable. Conduct end-to-end risk assessments (impact assessments, regulatory assessments, control assessments) Information security risk assessments for cloud services, vendor developed/ managed applications.
