Assistant Director, Cyber Transformation

Ensign is hiring !

Responsibilities:

• Report to the Head of Advisory in engaging executives and leadership (i.e., board of directors), providing advice for business transformation or cybersecurity strategy maturity.
• Engage executives and leadership to build strategic relationships which will be leveraged for transformative outcomes for the clients.
• Lead the development, transformation and execution of cybersecurity strategy for clients, taking into consideration the necessary business context.
• Manage the P&L of the team based on established goals for the team
• Work with team members, other Consulting functional teams and clients to translate strategic, tactical, operational and project objectives of clients into tangible cybersecurity outcomes with business context.
• Apply a multi-disciplinary lens in assessing the client business context, cybersecurity posture and maturity, and taking in consideration for the cyber threat environment to provide a wide-ranging set of recommendations for clients.
• Apply design-thinking approaches in understanding context, defining problem, developing hypothesis and solutions, collecting feedback, testing and refining solutions, and iterating solutions.
• Analyse and integrate cyber risks and relevant non-cyber risks to identify thematic areas of concern.
• Perform research and analysis including industry research, best practices, international standards and emerging cyber trends as necessary.
• Develop strategic recommendations and initiatives based on people, process, technology and governance perspectives.
• Develop, lead and support strategic initiatives, organised into roadmaps for implementation, collaborating with the client stakeholders for execution in alignment between cybersecurity and business objectives in a sustainable manner.
• Develop documentation such as frameworks, policies, procedures, standards, baselines, guidelines and other materials in support of transformational initiatives.
• Support development of documentation and artefacts to maintain knowledge management and intellectual capital of the team.
• Lead and grow the Advisory team’s capabilities to develop regional delivery capabilities.

Requirements: 

• Relevant cybersecurity certification, specifically CISSP.
• Master's degree in Accountancy, Business Administration, Computer Science, Economics, Law, Public Policy, or other equivalents.
• Bachelor’s degree in Information Security, Computer Engineering, Computer Science, Information Systems, or other equivalents.
• 3 to 5 years of experience with focus on cybersecurity risk management.
• 3 to 5 years of experience with focus on delivering strategic and transformational programmes.
• Experience in performing maturity / benchmarking assessments, development of roadmaps for improvement and / or development of cybersecurity operational and governance documentation. 
• Experience in management, technology and/or cybersecurity consulting, has both internal and client facing engagements.
• Strong social and communication skills with direct client interaction and engagement, especially at executives and leadership levels.
• Proficiency in Microsoft Office suite, with a focus on PowerPoint and Excel and track record developing high quality deliverables for client presentations.
• Ability to understand business and technology trends as well as their implications to business.
• Ability to demonstrate flexibility, initiative and innovation in dealing with ambiguous, fast-paced situations.
• Ability to travel 25% of the time.
• Applicants selected may be subjected to security screening and may need to meet eligibility requirements for access to classified information.

Preferred Skills /Qualities: 

• Familiar with international regulations such as Cybersecurity Laws, Privacy Laws, and international cybersecurity standards, including NIST Cybersecurity Framework, NIST SP 800-53, IEC 62443, and/or ISO 27001/2.
• Familiarity with developing and implementing cybersecurity strategies is a plus.
• Familiarity with developing and delivering tabletop exercises and executive trainings are a plus.
• Experience in incident or crisis management is a plus.
• Ability to perform threat intelligence analysis.
• Ability to manage small to mid-sized projects independently.
• Ability to work as a part of team or as an individual contributor.
• Ability to perform with minimal supervision. 
• Proficiency in one or more regional (Asian) languages and dialects.
• Strong presentation and briefing skills.
• Strong oral and written communication skills.