Ensign is hiring!
Key Responsibilities
- Conduct cybersecurity risk assessments across IT and OT environments.
- Partner with project and application teams to embed security-by-design practices throughout the lifecycle, from procurement to design and implementation.
- Review and guide project risk assessments, ensuring findings and mitigation controls are adequate.
- Perform network and system architecture reviews to ensure alignment with security requirements and industry best practices.
- Represent clients in vendor and stakeholder discussions, providing subject matter expertise.
- Support compliance and governance activities, including audits, gap assessments, and reporting against regulatory and industry requirements.
- Develop, evaluate, and maintain cybersecurity policies, standards, and procedures in line with frameworks such as ISO/IEC 27001 and applicable regulatory expectations.
- Contribute to the development of security awareness programs and other client-specific initiatives.
- Provide input into cybersecurity roadmaps and strategic initiatives to support planning for emerging threats and regulatory expectations.
Requirements
- 7+ years of experience in cybersecurity, with exposure to GRC, risk assessments and CISO office functions.
- Proven experience conducting risk assessments and guiding security-by-design practices across IT and OT environments.
- Strong understanding of OT and IT security concepts, technologies, and associated risks.
- Familiarity with recognized security frameworks and standards such as ISO/IEC 27001 and NIST.
- Strong communication and interpersonal skills, with the ability to represent clients in discussions and work effectively with both technical and non-technical stakeholders.
- Certifications such as CISSP, CISM, CISA, or CRISC are preferred.