Cybersecurity practice, within Risk Assurance
Helps business leaders protect and manage their risk related to information regarding technology, people, systems, processes, culture, and physical surroundings. We help clients’ understand their current capability and develop a plan to build cyber security resilience to identify, protect, detect and respond to cybersecurity threats, including advising on various regulatory and data privacy issues.
JOB RESPONSIBILITIES
- Perform assessment / Design/ implementation related to cybersecurity:
- Governance using various standards / frameworks such as NIST, ISO 27000 family, PCI-DSS, COBIT, CIS, and other established standards; or
- Various application security and various infrastructure security (e.g operating System, database, firewall, switches, API and other security devices). This includes security assessment on web applications / infrastructures / clouds / mobile applications; or
- Cloud security; or
- Red teaming exercise; or
- Cyber incident response, threat hunting and incident analysis; or
- Operation Technology security (preferably in energy, mining, utilities and oil & gas industry).
- Provide recommendations/ advice to the clients.
- Train, coach and upskill team members’ capabilities.
- Perform active business developments, marketing, proposal preparation process, and lead pursuit of IT-related security projects.
- Interacting with clients on solutions and executing projects on client engagements, forming client relationships and demonstrating an understanding of the client’s business.
- Preparing concise and accurate documents / report, leveraging and utilizing MS Office (Word, Excel, Access, PowerPoint).
- For managerial level:
- Participating actively in client discussions and meetings;
- Balancing project economics management with the occurrence of unanticipated issues.
- Exhibit project management skills, including developing project plans, budgets, and deliverables schedules.
- Build relationships with clients and expand business networking.
- Creating a positive environment by monitoring workloads of the team while meeting client expectations and respecting the work-life quality of team members.
- Providing candid, meaningful feedback in a timely manner to the group;
- Keeping leadership informed of progress and issues.
JOB REQUIREMENTS
- Minimum Bachelor degree(s).
- Years of working experience in the relevant area. Having experience in cybersecurity consulting firm is an advantage:
- Senior Associate: 3 – 5 years
- Manager: 6 -10 years
- Senior Manager: > 10 years
- Good professional reporting skills in Bahasa Indonesia and English
- Good knowledge of relevant cybersecurity standards / frameworks.
- Good experience and knowledge in the general IT technical and controls, network, and security best practises.
- Having related cybersecurity certificate is an advantage:
- Cybersecurity Governance area: Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM).
- Application and Infrastructure security area: Offensive Security Certified Professional (OSCP) or Offensive Security Certified Expert (OSCE).
- Cloud security: Certified Cloud Security Professional (CCSP) or advanced security certification from Cloud Service Provider.
