Control Risks

Associate Director – Cyber Advisory

Control Risks

full-time

Posted on:

Location Type: Hybrid

Location: LondonUnited Kingdom

Visit company website

Explore more

AI Apply
Apply

Job Level

Senior

Tech Stack

Cyber Security

About the role

  • Delivering projects (e.g., conducting asset identification exercises, cyber risk assessments against ISO and NIST CSF 2.0 standards, and demonstrating cyber audit expertise).
  • Managing different types of client meetings and maintaining positive and respectful client relationships.
  • Line management and upskilling of junior resources within the Digital Risks, Protect team.
  • Strategic delivery acting as virtual-CISO for our clients on an ongoing basis.
  • Project management of multiple cyber risk advisory engagements (e.g. running kick-off meetings, refining outputs, developing recommendations).
  • Working with key project stakeholders (e.g., gathering information from interviews, document reviews and presenting findings) while maintaining the confidence of the client through clear communication and good project management.
  • Providing flexible and responsive support as and when crisis management support is required and can be provided.

Requirements

  • Solid experience in cyber security and related disciplines, particularly in technology and infrastructure consulting projects
  • Experience in delivering large, converged programmes of work in EMEA including cyber security risk assessments within an established global consultancy.
  • Proven experience in delivering risk assessments for several different clients against industry standards (NIST CSF, 800-53 and ISO27001).
  • An excellent knowledge of IT and network infrastructure, alongside cyber security best practices for securing networks.
  • Subject matter expertise, including extensive and demonstrable fluency in technology risk issues.
  • Proven experience of operating in senior security and resilience roles, including knowledge of IT and OT network infrastructure.
  • The ability to explain difficult technical concepts and ideas in non-technical terms to senior executives.
  • Strong understanding of operational technology cyber security best practices.
  • A working familiarity on personal information and critical infrastructure information and cyber security regulations in the EU and wider European region.
  • A deep understanding of governance, standards, and compliance as they pertain to cyber security.
  • An undergraduate degree in a field related to security, information security, intelligence, or computer science.
  • Have a broad corporate experience and understanding of business process outsourcing and managing the third party cyber and information security risks that may arise.
  • Good knowledge of cyber risk issues impacting clients in Europe.
  • Undergraduate or post graduate degree in a field related to security, information security, intelligence, or computer science.
  • CISSP, CISM, ISO27001 lead auditor, SANs or similar industry qualifications/certifications would be preferred.
Benefits
  • Control Risks offers a competitively positioned compensation and benefits package that is transparent and summarised in the full job offer.
  • We operate a discretionary global bonus scheme that incentivises, and rewards individuals based on company and individual performance.
  • Control Risks supports hybrid working arrangements, wherever possible, that emphasise the value of in-person time together - in the office and with our clients - while continuing to support flexible and remote working.
  • As an equal opportunities employer, we encourage suitably qualified applicants from a wide range of backgrounds to apply and join us and are fully committed to equal treatment, free from discrimination, of all candidates throughout our recruitment process.

Applicant Tracking System Keywords

Tip: use these terms in your resume and cover letter to boost ATS matches.

Hard skills
cyber securitycyber risk assessmentsISO27001NIST CSFIT infrastructurenetwork infrastructureoperational technologyrisk managementproject managementtechnology risk
Soft skills
client relationship managementcommunicationleadershipstrategic deliverycrisis managementteam managementpresentation skillsinterpersonal skillsproblem-solvingadaptability
Certifications
CISSPCISMISO27001 lead auditorSANs