Associate Security Consultant (Information Security)

• Implement information / IT security engagements for clients
• Provide delivery expertise on information security projects. This could be on technical or process aspects (such as Information Security Management Systems (ISMS) or ISO 27001, Business Continuity Management / IT Disaster Recovery Management or ISO 22301/ ISO 27301, Data Loss Prevention (DLP), Identity and Access Management (IAM), cloud security, cyber security design, tools and solutions, security strategy and security project management).
• Experience in the identification, assessment, mitigation and management of information security risks and issues across the information security spectrum.
• Identify best practices for Information Security into technically feasible and user friendly deliverables and communicate to clients and their Information Security staff.
• Gain understanding of key customer issues and help create proposals as required.
• Build own knowledge and competency in cyber security and gain alignment and understanding of at least one industry.

• Degree in any discipline and/or MBA from a recognised institution; IT Degree preferred.
• Related certifications are a plus e.g. CISSP, CCSP, SSCP, GSLC, GISP, CISM, CRISC, CGEIT, CISA, CCSK, CEH, CCNA, ISO 27001 Lead Auditor, etc.
• Good overall understanding of IT.
• Strong understanding of information security & regulatory standards/ frameworks; e.g. ISO/IEC 27001, COBIT, ITIL, PCI-DSS, NIST Cyber Security Framework, GPIS1, etc.
• Good technical knowledge on at least one of the following areas:

• Familiarity and experience in security standards and regulatory frameworks (e.g. ISO/IEC 27001, ITIL, GPIS1, PCI-DSS, etc.)

FIRMUS Sdn Bhd