We are seeking an experienced IT Consultant to deliver technical solutions, optimize systems, and provide strategic support. Applications are open to local residents only.
Audit & Compliance
Plan, lead, and execute IT audits, ISMS audits, and compliance reviews against frameworks such as ISO 27001, NIST, SOC 2, and local regulatory requirements (e.g., FSC, BoM).
Develop, review, and assess IT policies, procedures, and controls to ensure compliance with international standards and local regulations.
Prepare detailed audit reports, risk assessments, and executive summaries with practical remediation guidance.
Support third-party/vendor risk assessments and ensure compliance with security requirements.
Risk Management & Cybersecurity Projects
Lead the risk management team, overseeing development of risk methodologies, risk registers, and treatment plans.
Drive risk assessment and risk treatment activities in cybersecurity projects and CaaS (Cybersecurity-as-a-Service) engagements.
Act as Risk Lead in client-facing cybersecurity programs, including policy development, incident response planning, and BCP/DRP reviews.
Monitor risk remediation and corrective action plans, ensuring timely closure of gaps identified during audits or assessments.
Client Engagement & Advisory
Serve as primary liaison with clients for audit activities, risk workshops, policy discussions, and executive briefings.
Lead steering committees and audit kick-off/debrief sessions with C-level stakeholders.
Provide advisory support on ISMS implementation, compliance strategies, and cybersecurity maturity improvements.
Deliver training, awareness sessions, and workshops on IT risk, governance, and regulatory compliance.
Leadership & Team Management
Manage and mentor junior auditors and risk analysts.
Oversee allocation of risk team resources across multiple projects.
Ensure continuous professional development within the risk team (training, certifications, workshops).
Qualifications & Certifications
Essential:
Bachelor’s degree (BSc) in Information Security, IT, Computer Science, or a related field.
A minimum of 5 years
ISO 27001 Lead Auditor certification.
Proven track record in IT auditing, ISMS implementation, and risk management.
Preferred (Nice-to-have):
CISA (Certified Information Systems Auditor).
ISO 27001 Lead Implementer certification.
Additional certifications (e.g., CRISC, ISO 27005 Risk Manager).
Experience with financial sector audits (FSC, BoM regulatory frameworks).
Knowledge of cloud security frameworks (ISO 27017).
Skills & Competencies
Strong understanding of IT audit methodologies, risk frameworks, and governance standards.
Ability to lead and inspire teams, manage client relationships, and communicate effectively with executives.
Solid knowledge of information security controls, including vulnerability management, incident response, and business continuity.
Excellent report writing, presentation, and advisory skills.
Ability to balance strategic risk leadership with hands-on audit execution.