Cybersecurity Risk Assessment Engineer (DSC / JH)

• Provide professional services in cybersecurity risk assessment and governance in both IT and OT environments.
• Perform cybersecurity audits to assess security controls and compliance, identifying gaps and vulnerabilities.
• Ensure the integration of Security-by-Design principles by evaluating and advising on security measures throughout the lifecycle of systems and applications.
• Evaluate the cyber maturity of IT/OT security programs and assess effectiveness of existing security measures.
• Assess and provide guidance on data security governance and controls across all cybersecurity domains.

Key Activities:

• Conduct gap analysis and cyber governance assessments against cybersecurity policies/standards such as CCoP, CP8, IM8, NIST, ISO, IEC 62443, etc.
• Provide expert advisory services and deliver actionable recommendations for risk mitigation strategies.
• Review and assess cybersecurity frameworks, policies, processes, and procedures.
• Assist in measuring the effectiveness of cybersecurity and privacy programs, aligning with industry standards.
• Prepare and present reports on cybersecurity risk posture, audit findings, and risk mitigation measures.
• Engage in Pre-Sales consultancy, including preparing business proposals and delivering presentations.
• Lead and manage projects when required, ensuring all deliverables meet client expectations.
• Function independently or as part of a professional team, depending on project requirements

Requirements

• Strong cybersecurity certifications, such as CRISC, CISSP, CISM, etc., with a preference for the Certified Information Systems Auditor (CISA) certification.
• Hands-on experience in cybersecurity risk assessment, audit, and governance within IT and OT environments.
• Ability to lead and support cybersecurity audits that align with industry standards and frameworks.
• Excellent communication skills for reporting findings, advising clients, and delivering technical presentations.