Position Overview:

The Cyber Security Consultant plays a critical role in shaping and safeguarding the organization’s digital environment. This position is responsible for developing and maintaining cybersecurity frameworks, advising stakeholders, managing risks, and ensuring compliance with global standards and regulations.

Responsibilities:

Policy & Governance

• Develop, implement, and maintain cybersecurity policies, standards, and baselines that align with international best practices and regulatory requirements.
• Ensure continuous compliance with relevant laws, regulations, and industry frameworks (e.g., ISO/IEC 27001, NIST, GDPR).

Strategic Advisory

• Provide expert cybersecurity consulting to internal departments, project teams, and external partners to ensure the protection of information assets and systems.
• Act as a trusted advisor in security architecture, secure software development, and infrastructure protection.

Risk Management

• Conduct cyber risk assessments and threat modeling across systems and processes.
• Recommend and implement mitigation strategies to address identified vulnerabilities and risks.
• Support incident response planning and execution, including post-incident analysis and reporting.

Compliance Monitoring & Improvement

• Monitor internal and external compliance with cybersecurity policies and standards.
• Analyze security weaknesses and gaps, and propose enhancements to strengthen the organization’s security posture.

Research & Innovation

• Stay current with emerging technologies, global cybersecurity standards, and threat intelligence.
• Lead research initiatives to evaluate new tools, frameworks, and methodologies for improving cybersecurity practices.
• Integrate findings into the continuous development of cybersecurity policies and controls.

Collaboration & Reporting

• Collaborate with IT, legal, compliance, and business units to align cybersecurity initiatives with organizational goals.
• Prepare reports and presentations for senior management on cybersecurity metrics, risks, and strategic initiatives.

Desired qualifications

• Bachelor Degree or higher in computer science, information technology, Cyber Security or related field.
• 3-5 years experience in Cyber Security, IT Infrastructure and Data Network
• Knowledge : Cyber Security, Computer Data Network, Programing, IT & Cyber Security Operation
• Training experience : Security Plus (Sec+) or equivalent certifications, compliance ISO-27001, CSA-STAR, PCI-DSS is advantage
• CISSP or CISA/CIAM is advantage
• Good attitude, Strong communication and presentation skills