Vulnerability Architect

Turnkey Consulting is an independent risk and security consultancy that brings together people, protection, and performance to help organisations achieve Digital Enterprise Resilience. For more than 20 years, Turnkey has enabled the world’s leading companies to understand and optimise their risk and security landscape through assessment-based road mapping, organisational empowerment, and expert application of market-leading technologies. Turnkey is headquartered in London with offices across Asia, Australia, Europe, and North America.

We are seeking an experienced individual with a strong foundation in SAP Vulnerability Management and Threat Detection systems and associated controls, proficiency in SAP environments, and awareness of Cyber Security frameworks.

• Design, implement, and assess vulnerability management frameworks, primarily within SAP-enabled environments.
• Lead client conversations on SAP Vulnerability and Threat Management strategy, compliance challenges, and controls optimisation.
• Provide insight on Information Security frameworks (OWASP/NIST/NIS2 etc.) and the Secure Operations Map, helping communicate regulatory or good practice obligations and actionable solutions.
• Manage and mentor junior consultants and analysts to aid a high-performance team culture.
• Support business development activities, including scoping, proposal development, and client pitches throughout the sales lifecycle.
• Build long-term relationships with clients as a trusted advisor in controls and compliance.

• Ability to focus on the “why” of our solutions, not just the how.
• Demonstrable experience in prioritising the client’s objectives
• Passionate about improving the perception of the industry towards a more business growth enabling function.
• Demonstrable ability to build productive relationships with both internal and external stakeholders in a hybrid working environment.

• Strong experience designing and executing detection and protective controls, ideally within SAP ERP systems.
• Experience in one of Onapsis, Security Bridge, SAP ETD, Pathlock CAC.
• Strong experience of implementing vulnerability management controls (implementation and testing).
• Knowledge of relevant industry frameworks and vendor solutions aligned to provide such control solutions.
• Demonstrated ability to lead engagements and communicate effectively with senior stakeholders.
• Proven track record in team management and mentoring.
• Familiarity with the consulting sales lifecycle, including opportunity identification and bid support.
• Excellent analytical, presentation, and organisational skills.

• Professional certifications such as CREST or equivalent.
• Experience in risk advisory or Big Four consultancy environment.
• Exposure to emerging technologies in risk and controls, such as automation, data analytics, AI etc.

Reports to: RSC Director

Salary: Competitive salary depending on a combination of factors, including level of experience and expertise, in addition to an OTE bonus.

Location: Based in our Germany office, with hybrid working (expected office working 2-3 days per week). Occasional travel to our offices in other countries will be expected as part of this role if there is a requirement to do so.