About the role
Contribute to the design, execution, and delivery of cyber GRC engagements across diverse industries. You will work closely with senior stakeholders to deliver practical, business-aligned outcomes by enhancing governance capabilities and strengthening risk management for clients.
ConsultingOnsite
Key Responsibilities
- Develop and enhance cybersecurity governance materials, including policies, standards, procedures, control frameworks, and RACI models.
- Design and support the development of enterprise security strategies, cyber target operating models, and transformation roadmaps.
- Perform readiness assessments aligned to regulatory, industry, and client-specific requirements.
- Execute risk management activities, including risk identification, scoring, control testing, development of KRIs/KPIs, and reporting enhancements.
- Support GRC technology enablement through requirements gathering, workflow mapping, control library development, and dashboard reporting using platforms.
- Facilitate workshops, interviews, and stakeholder discussions to gather insights, align requirements, and validate findings.
- Collaborate with cross-functional project teams to ensure seamless and timely delivery of engagement outcomes.
Requirements
- 3–5 years of experience in cybersecurity governance, risk management, and compliance.
- Hands-on experience developing or reviewing cybersecurity policies, standards, procedures, and control frameworks.
- Experience conducting cyber maturity assessments, compliance reviews, or risk assessments.
- Familiarity with key frameworks and regulations including NIST CSF, ISO 27001, COBIT, MAS TRM, PDPA.
- Strong analytical, problem-solving, communication, and stakeholder engagement skills.
- Bachelor’s degree in Computer Science, Information Systems, Information Technology, Engineering, or related field.