Cybersecurity Generalist Senior Associate

Responsibilities :

• Design Cybersecurity framework based on business objectives and strategic imperatives of the client organisation including goals, vision, mission, and operational plans
• Devise a cybersecurity strategy encompassing enterprise security architecture, design, and program transformation
• Design and operate governance and security processes at system, network and application levels
• Maintain continuous communication with key stakeholders in support of the security strategy, and plan and solicit feedbacks, to uplift the programs and capabilities
• Be abreast of best practices, vendor capabilities, and frameworks, to sustain a best-in-class and highly innovative security program
• Monitor processes and drive improvements in efficiency and quality of security program
• Assist in development of workflows for transitioning strategic plans into implementation plans and operational readiness
• Facilitate strategic planning initiatives, documentation, technical roadmaps and security tool rationalisation
• Define security policy and standards framework definition
• Assist in designing the security organisation structure
• Develop security policies, procedures, standards based on the security strategy and roadmap
• Review of cybersecurity policies and processes to identify gaps in design of control based on comprehensive assessment framework
• Conduct security process implementation reviews to assess security effectiveness and reporting
• Conduct Current State Assessment of cybersecurity practices against the defined controls and provide recommendations for to-be state
• Define risk management techniques around threats and vulnerabilities identified
• Conduct Risk Assessment and Threat Assessment based on best practices to realise the cybersecurity strategy
• Run Cyber Security Diagnostic Assessments and develop programs for cybersecurity skill development and enhancement
• Design cybersecurity awareness and stakeholder sensitisation program including materials, posters, newsletters, training workshops, etc.
• Provide certification advisory across Information Security Management System (ISMS), Privacy Management System (PMS), Business Continuity Management Systems (BCMS), PCI DSS etc.
• Implement security controls for realisation of the certification requirements and provide technology roadmap based on the security strategy

Requirement :

• Bachelor’s degree in Computer Science, Information Systems, Information Technology, Engineering, or equivalent education
• Minimum 2 - 4 years of relevant experience
• Essential Skills: Professional certifications – relevant cybersecurity certification, CISSP/CISA/CISM/ISO 27001 Lead Auditor, ISO 27001 Lead Implementer, ISO 22301 Lead Implementer, ISO 29001 Privacy
• Knowledge of PCI, NIST and other security standards
• Strong interpersonal skills and customer service skills
• Deliver in highly collaborative and impactful manner
• Proficient in development of high-quality professional presentation for business
• Passionate about analysing evolving security challenges, and developing innovative security solutions working with internal customers
• Coordinate between business stakeholders and technical teams
• Strong oral and written skills involving both business and technical sides