Senior Consultant - Digital Risks

Control Risks is seeking an experienced Senior Consultant to join its rapidly growing Digital Risks team. This is a unique opportunity to join a fast-paced and distinctive capability that requires a highly motivated and diligent client-facing individual to join a successful team. This position will be based in Control Risks' Mumbai office.

The primary focus of this role is to deliver cyber security risk assessments in India and, where required, across the wider APAC region. As such, we require a strong subject matter expert in cyber risk assessment work with demonstratable experience and expertise in leading these engagements for international companies in India.

The individual will need to demonstrate maturity and effectiveness in working with senior client stakeholders and must be a team-player who is passionate about delivering high quality cyber security advice to some of the world’s largest firms.

The successful candidate will lead on assessments which require travel (up to 50% of working time), with the occasional need to travel over weekends. Overseas travel may be required, meaning holding a valid passport for international travel is essential.

The role requires a minimum of 3 years of experience in client facing cyber security advisory roles. The candidate will have an established track-record of delivering risk assessment projects and helping clients to navigate and manage their cyber security challenges.

Role tasks and responsibilities:

Managing and delivering client projects

• Meticulous delivery of high-quality services to the highest level of executive clients.
• Managing different types of client meetings and maintaining positive and respectful client relationships.
• Project management of multiple cyber risk advisory engagements (e.g. running kick-off meetings, refining outputs, developing recommendations).
• Delivering projects (e.g. helping clients to understand which information assets are valuable for them, conducting cyber risk assessments against ISO and NIST standards, helping clients define target operating models).
• Working with key project stakeholders (e.g. gathering information from interviews, document reviews and presenting findings) while maintaining the confidence of the client through clear communication and good project management.
• Provide flexible and responsive support as and when crisis management support is required and can be provided.

Business Development

• Demonstrate proven commercial acumen and client facing experience by:
• Developing proposals for future client work.
• Project scoping and planning, to support pricing.
• Maintaining up-to-date presale documents.
• Contributing to and building complex, multi-service line proposals.
• Cultivating long-term relationships with clients.
• Consistently develop Control Risks’ positioning with our clients in India to enhance our sales efforts, working closely with stakeholders across other practice areas.

Requirements

You must have all of these:

• Fluency in written and spoken English.
• Experience in delivering cyber security risk assessments within an established global consultancy.
• An undergraduate degree in a field related to security, information security, intelligence, or computer science.
• Proven experience in delivering risk assessments for several different clients against industry standards (NIST CSF, 800-53 and ISO27001).
• Experience in delivering high quality written reports and have a passion for getting the details right.
• The ability to explain difficult technical concepts and ideas in non-technical terms.
• Have a broad corporate experience and understanding of business process outsourcing and managing the third party cyber and information security risks that may arise.
• Good knowledge of cyber risk issues impacting clients in India and the APAC region.

The following experience is also preferred:

• A working familiarity on personal information and critical infrastructure information and cyber security regulations in India and the APAC region.
• A deep understanding of governance, standards, and compliance as they pertain to cyber security.
• An excellent knowledge of IT and network infrastructure.

Qualifications and specialist skills:

• Undergraduate or a post graduate degree in a field related to security, information security, intelligence, or computer science.
• CISSP, CISM, ISO27001 lead auditor, SANs or similar industry qualifications/certifications would be preferred.