Security Consultant (Governance Risk Compliance)
Мэтч & Сопровод
Для мэтча с этой вакансией нужен Plus
Описание вакансии
TL;DR
Security Consultant (GRC): Leading and delivering governance, risk, and compliance engagements for IT, OT, and CII environments with an accent on security frameworks, regulatory requirements, and risk assessments. Focus on designing remediation plans, conducting pre-assessment reviews, and producing technical reports for senior management.
Location: Hybrid (Singapore); All applicants must have residence in Singapore
Company
is a global provider of cybersecurity and assurance services focusing on excellence in risk management for governments and critical national infrastructure.
What you will do
- Plan and deliver GRC engagements across frameworks such as NIST CSF, ISO 27001, ISO 42001, and Singapore's Cyber Trust Mark.
- Perform structured cybersecurity risk assessments and maintain comprehensive risk registers including treatment plans and tracking.
- Support clients in achieving regulatory compliance and certification readiness through pre-assessment reviews and remediation validation.
- Produce technical and commercial reports with actionable recommendations for both technical stakeholders and senior management.
- Deliver professional consultative engagements for critical infrastructure sectors including aviation, energy, finance, and maritime.
- Contribute to pre-sales activities by defining engagement scopes, identifying dependencies, and estimating effort.
Requirements
- Practical experience delivering GRC engagements within enterprise IT, Cloud, OT, or CII environments.
- Strong understanding of networking, operating systems, and cybersecurity technologies.
- Must be a resident of Singapore.
- Ability to independently manage multiple client engagements with a high standard of quality.
- Proven stakeholder management skills and professional written communication for client-ready documentation.
- Bachelor’s degree in Computer Science, Cybersecurity, Engineering, or a related technical field.
Nice to have
- Experience in regulated sectors such as aviation, energy, utilities, or government.
- Professional certifications including CISSP, CISM, CISA, or CRISC.
- ISO/IEC 27001 or ISO/IEC 42001 Lead Auditor certifications.
- OT security certifications such as GICSP or IEC62443.
- Cloud security credentials (e.g., CCSP).
Culture & Benefits
- Industry-leading employee retention with a supportive, collaborative learning environment.
- Exposure to a full spectrum of cyber services, from Red Teaming to SOC analysis and GRC.
- Opportunities to tackle deep technical challenges on cutting-edge engagements.
- Clear career progression paths and professional development opportunities.
- Attractive compensation package for the right candidate.
Будьте осторожны: если работодатель просит войти в их систему, используя iCloud/Google, прислать код/пароль, запустить код/ПО, не делайте этого - это мошенники. Обязательно жмите "Пожаловаться" или пишите в поддержку. Подробнее в гайде →