Subject Matter Expert for Security Design Orchestration, Security Risk Assessment, and Strategy & Governance projects
Performs security and/or risk assessments in a fast-paced environment along with providing timely and practical recommendations to mitigate the identified risks.
Performs review of security solution design and implementation. Subsequently, advise on the design and architecture development.
Leads Business Continuity Management (BCM) projects including BCM assessment, Business Impact Analysis (BIA) and Design & Implementation of BCM
Leads discovery workshops with other consultants and key stakeholders, both in IT and other business units
Leads project presentation for client project team and other key stakeholders.
Leads project management and client management.
Assists the Partner in client pursuits, and presentation to client Senior/Executive Management
Leads pre-engagement and business development activities.
Key Skills/Experience:
Has more than 8 years experience in Information Technology
Has more than 5 years combined experience in: Security assessments (Security Maturity Assessment, Vendor Security Risk Assessments, ISMS/NIST Assessment, SOC 2 Type 2 Assessment, RCSA, Configuration Review, Architecture Review, Controls Review) or in charge for the Security Risk Management Program, Security design and architecture development (Infrastructure, Apps and Data, Cloud), at least 2 years
Has more than 2 years experience in Project Management (or acted as Project Manager for more than 5 projects)(Preferred)
Has at least 2 years experience in Business Development (Proposal development, Sales presentation, business case & portfolio development, etc.)(Preferred)
Specific 2 years experience in consulting/advisory engagements(Preferred)
Working experience in conducting BIA, BCM Assessment & Design
Working experience in Data Privacy (PDPA, GDPR, DPA of 2012)
Working experience in Security Awareness and Training
Working experience in presenting technical reports such as Vulnerability Assessment and Penetration Testing (VAPT) report and Digital Forensics & Incident Response (DFIR) report
Working experience in cloud environment (AWS and Azure, preferred)
Strong knowledge on information security standards and guidelines such ISO 27001/2, NIST, CIS and CSA CCM
Understanding of Security Operations Center processes and relevant technologies
Understanding of Cloud Compute, Storage, Security and Virtualization best practice
Understanding of Enterprise Security Architecture and industry accepted framework such as SABSA
Understanding of local regulations; DPA of 2012, BSP Circulars
Has has at least one of the following certifications: CISSP, CCSP, CISM or CRISC, Certification
