Horangi sedang merekrut seorang

Lead Cybersecurity Consultant (Strategic and GRC) - Jakarta

Loker ini dibuat lebih dari 2 bulan yang lalu
Cek ketersediaan dengan klik lamar. Tidak tersedia? Cek loker lain di Jakarta.
Building a Safer Cyberspace:
At Horangi, we’re passionate about building safer cyberspace and creating software and services that solve challenging cybersecurity problems. Horangi focuses on building partnerships with our customers, developing an understanding of their business goals and building a security strategy that helps achieve their objectives. Horangi’s personnel have extensive engineering experience and a strong background in offensive and strategic consulting including both large multinational networks and small organizations with focused missions. We enjoy solving tough security problems and we are eager to find new challenges and build new relationships.

The Role:
Horangi CyberOps Consultant works directly with Horangi’s customers to perform cyber security assessments. Members of the CyberOps team are generally familiar with most aspects of cybersecurity but specialize in web application security, network penetration test, mobile application security, red-teaming activity, phishing campaign and security awareness, secure code review and cloud security. In addition, they work closely with the R&D and engineering team to build up our product and service capabilities. 

We are looking for someone who:

  • Passionate in the cybersecurity domains and strive to explore new technologies, skillset, frameworks and trends
  • Being proactive and work independently with minimal supervision and like having autonomy a to make decisions.
  • Being a team player, trust and challenge each other, possess good interpersonal communication skills and helping mind in a team-oriented environment
  • Being able to communicate well, and willing to receive criticism and feedback
  • Ability to adapt fast in a startup environment
  • Being responsible and take pride in your work, willing to proactively conduct research as necessary to perform the assessment properly and improve the quality of deliverables 
  • Able to prioritise shifting workloads in a rapidly changing industry. 
  • Being user-centric and empathise with the client to solve their problems
  • Willing to travel around within South-east Asia and enjoy being out of your comfort zone.
  • Understanding and interest in recognized cybersecurity-related methodologies, best practice and industry standards such as NIST Cybersecurity Framework, ISO 27001, or PCI-DSS
  • Proper general knowledge of Cybersecurity Technologies, Networking Technologies Information Security/Assurance/Audit, Governance, Risk Management, Compliance, Strategic Planning, Project Management and Client Management and Cloud Technologies (e.g. AWS, GCP, Azure, AliCloud)
  • Understanding of how business strategy, risk, regulation and technical constraints influence organisational responses to cyber security.
  • Excellent Bahasa Indonesia and English communication skills – both oral (for interviews/meetings, presentations) and written (for designing and writing engaging reports which communicate assessment reports succinctly and clearly convey the message in a way which is appropriate for the audiences)
  • Strong business skills including presentation and report writing skills, analytical and problem-solving capabilities, strong project management, facilitation and delivery skills.

Key Responsibilities

  • Plan, manage and organise the delivery of cybersecurity services to clients
  • Conduct various cybersecurity assessments such as: Strategy Assessments, Risk Assessments, Compliance Gap Analyses to comply with local and global standards, privacy rules and regulations such as PCI-DSS, ISO 27001, SOC2, MAS-TRM, RMIT, NIST 800-53, POJK/PBI/Menkominfo cybersecurity-related regulations
  • Develop cybersecurity roadmap based on gap assessment result, best practices frameworks and client's business alignment
  • Promoting information security awareness through awareness socialisation and training.
  • Consult and advise with client's organizational personnel at tactical, operational, and strategic levels to achieve project goals on compliance toward a variety of regulatory compliance and industry standard frameworks
  • Contribute to the development of the cybersecurity service framework within the firm.
  • Draft, report and present to customer including leadership and executive management on on assessment findings, program statuses, and other security items as they impact business goals
  • Participate in presales engagements to educate prospective clients and assist in creating value and developing the optimum set of services for clients
  • Develop and deliver content on security domains of expertise to establish yourself, our team, and our brand as thought leaders in the community
  • Participate in speaking engagements and industry events to establish yourself, our team, and our brand as thought leaders in the community

Experience and Certification

  • Three (3) years or more of cybersecurity strategic or GRC (governance, risk and compliance) and client-facing consulting experiences
  • Experience in leading and managing small groups of people and cybersecurity projects
  • At least one Cybersecurity-related certification, eg: ISO 27001 Lead Implementor / Lead Auditor, ISC2 CISSP, ISACA CISA, ISACA CISM, ISACA CGEIT, ISACA CRISC
  • Experience in risk & regulatory frameworks and standards such as NIST Cybersecurity Framework, ISO 27001, or PCI-DSS
  • Experience with the cybersecurity technologies such as Data Loss Protection, Identity Management, Cryptography & Certificate Authority, NextGen Firewalls, IPS and IDS, and GRC technologies.
  • Experience in delivering cybersecurity services, preferably for multinational companies which can include: developing and implementing cybersecurity policies and procedures; promoting information security awareness; reporting to relevant stakeholders on a regular basis on security-related matters.
  • Experience in working with different units/parties on security-related matters
Silakan referensi bahwa Anda menemukan lowongan kerja ini di Fungsi.id, ini membantu kami mendapatkan lebih banyak lowongan kerja berkualitas di sini, terima kasih!
Jenis kontrak
Full Time
Lokasi
Tanggal posting
15 September, 2018