Cyber Maturity

Job Description: Cyber Maturity Assessment Consultant

Team
: Security Consulting

Designation
: Cyber Maturity Assessment Consultant

Job Role
: Run Cybersecurity Maturity Assessments (CMA/SMA) and risk evaluations for customers, aligned with industry frameworks to enhance client security posture and operational resilience.

Experience
: 5+ years in cybersecurity consulting, focused on cyber maturity assessments, risk management, and compliance programs.

Job Location: Cyberjaya

Shifts: Day Shift. However, flexibility is required to provide extended support and be

available on-call when needed.

Key Responsibilities

Cyber Maturity & Risk Assessments

 Conduct comprehensive CCyber Maturity Assessments for clients, aligned with frameworks such as NIST CSF, ISO 27001, CMMI, and COBIT.

 Perform risk assessments—both qualitative and quantitative—to prioritize vulnerabilities and recommend mitigation strategies.

 Evaluate third-party and supply chain security exposures.

Strategy & Advisory

 Analyse and Discover gaps in the Cybersecurity Technologies, People and Processes for clients.

 Develop cybersecurity roadmaps to improve clients' maturity and governance structures.

 Recommend enhancements to cyber operating models and organizational alignment.

 Deliver executive-level reports and gap analyses with clear business impact insights.

Client Engagement & Training

 Facilitate workshops to train clients on cybersecurity best practices and self-assessment techniques.

 Mentor junior consultants on methodologies, report creation, and client communication.

 Support business development initiatives, including proposal writing and client presentations.

Compliance & Certification

 Provide guidance for ISO 27001/ certification and audit readiness.

 Ensure alignment of security programs with standards like NIST and ISO 27005.

Work Experience

 5+ years of hands-on experience in cybersecurity consulting.

 Demonstrated history of executing cyber maturity reviews and third-party risk assessments.

 Demonstrated success in leading end-to-end client engagements, from scoping to delivery of assessment reports.

 Proven ability to work cross-functionally with IT, Risk, and Compliance teams to align cybersecurity efforts with business priorities.

 Delivered executive-level briefings translating technical assessment findings into strategic, business-aligned recommendations.

Qualifications

 Bachelor's/Master's degree in Cybersecurity, Information Security, or a related field.

Essential Technical Skills

 In-depth understanding of NIST CSF, NIST RMF, COBIT, ITIL, and ISO 31000.

 Familiarity with cybersecurity governance models and risk assessment tools.

Certifications

 CRISC, ISO 27001 LA, CC (ISC)², or equivalent certifications.

Desired Skills

 Strong analytical, communication, and presentation skills.

 Experience in financial services, insurance, or critical infrastructure sectors.

 Ability to lead and mentor team members effectively.

Performance Metrics

 Client satisfaction scores and feedback.

 Number and quality of assessments completed annually.

 Contributions to proposals and business development success.