Senior Cybersecurity Consultant

**Job Summary**:
**Salary**
S$5,500 - S$9,000 / Monthly EST

**Job Type**
Permanent

**Seniority**

Senior

**Years of Experience**
At least 7 years

**Tech Stacks**
Strategy
- We are seeking a highly skilled and experienced Senior Cybersecurity Consultant to join our team. In this pivotal role, aside from delivering cybersecurity strategy projects, you will be primarily responsible for providing strategic guidance, expert advice, and hands-on support to senior executives before, during and after cyber-related incidents/crisis, drawing from your extensive experience as an incident commander or crisis secretariat.

**Responsibilities**:

- Perform research and analysis on regulations and policies to determine alignment and assist with the development, implementation and tracking of the progress of clients’ objectives with supporting goal targets.
- Develop appropriate methodologies, frameworks and approaches to address project objectives, drive the clients towards positive business results, reinforce the clients’ strategic objectives, achieve improvements in effectiveness, gain efficiencies and increase digital maturity.
- Influence, drive and support the clients in their cybersecurity transformation journeys while maintaining alignment to their business objectives.
- Curate, digest and utilise the latest threat intelligence and trends and incorporate this information into the deliverables.
- Lead in the conduct of simulation exercises, post-incident reviews, and other related training, to improve our customers maturity to detect, respond and recover from cyber-related incidents and/or crisis. This includes the crafting of reports and presentation material to deliver findings to our customers.
- Stay abreast of emerging cyber threats, attack techniques, and incident response best practices, and share insights and recommendations with clients to enhance their cybersecurity posture.
- Serve as the primary point of contact and trusted advisor for senior leaders of our clients before, during and after cybersecurity crises, providing clear communication, actionable guidance, and reassurance in times of uncertainty.
- Conduct rapid assessments of cyber incidents to appraise the scope, and potential impact on our clients' operations, infrastructure, and sensitive data.
- Develop, implement and exercise, crisis response plans and playbooks tailored to the unique needs and risk profiles of our clients, ensuring readiness and resilience in the face of cyber threats. (this is the before)
- Provide strategic counsel to senior leaders of the Crisis Management Team, on critical decisions during a cyber-related crisis, such as resource allocation, communication strategies, and stakeholder engagement, to minimize business disruption and reputational damage.
- Communicate effectively with internal and external stakeholders, including board members, executives, regulatory authorities, law enforcement agencies, legal counsel, communications professionals, and external vendors to facilitate collaboration and transparency throughout the crisis.
- Contribute to the conduct of post-incident reviews and lessons learned sessions with clients' leadership teams to identify areas for improvement and enhance preparedness for future cyber-related crises.

**Qualifications**:

- Minimally a Bachelor's degree in Computer Science, Information Technology, or a related field.
- At least 7 years of experience in cybersecurity incident response, with a proven track record of serving as an incident commander or crisis secretariate in cyber crises.
- Direct experience leading or participating in three or more cybersecurity crises, demonstrating the ability to remain calm under pressure, make sound decisions, and communicate effectively with senior leaders.
- Industry certifications such as CISSP, CISA, CISM, GICSP, Cloud-related certifications or equivalent are highly desired.

**Preferred Skills / Qualities**:

- Familiar with crisis management approaches and frameworks.
- Familiar with designing, developing and delivering incident to crisis management, business continuity, disaster recovery simulation exercises, especially in the context of cybersecurity.
- Familiar with the MITRE ATT&CK Framework in security operations, threat Intel and wargaming.
- Strong understanding of cybersecurity principles, technologies, and best practices, including incident detection, response, and recovery.
- Familiar with international Cybersecurity standards, including NIST Cybersecurity Framework, NIST SP 800-53, or ISO 27001/2 and other relevant frameworks and standards.
- Familiar or keen in research, technical and business documentation, and analysis.
- Familiar with Singapore Government regulations and policies in relation to Risk Management and Cybersecurity.
- Proven leadership abilities, with the capacity to inspire and motivate cross-functional teams to achieve common goals.
- Excellent communication and interpersonal skills, with the ability to build