Overview
Job Title: Cybersecurity Lead Consultant (GRC, SOC & Offensive Security).
We are seeking a senior Cybersecurity Lead Consultant with deep, hands-on expertise across Cybersecurity Architecture, Governance, Risk & Compliance (GRC), Security Operations (SOC), and Penetration Testing. This role combines technical depth, strategic advisory, and executive-level communication, enabling the consultant to guide enterprise customers in defining, implementing, and maturing their cybersecurity programs. The ideal candidate is a trusted advisor to C-suite and senior leadership, capable of articulating security trade-offs, business risk, and ROI, while also laying the foundation and overseeing large-scale security implementations.
Key Responsibilities
Cybersecurity Strategy & Advisory.
- Act as a lead security advisor to enterprise customers, including CIO, CISO, CTO, and Risk Leaders.
- Define end-to-end cybersecurity strategies and roadmaps aligned to business goals, regulatory requirements, and risk appetite.
- Clearly articulate pros and cons of security architectures, tools, and operating models, enabling informed executive decisions.
- Translate technical security risks into business impact, financial exposure, and compliance implications.
Governance, Risk & Compliance (GRC).
- Lead GRC assessments, risk profiling, and compliance programs.
- Design and implement security governance frameworks aligned to ISO 27001, NIST, SOC 2, PCI-DSS, GDPR, HIPAA, and regional regulations.
- Define policies, standards, controls, and risk treatment plans.
- Support audits, regulatory assessments, and executive risk reporting.
Security Operations & SOC.
- Design and assess SOC operating models (in-house, managed, hybrid).
- Oversee implementation and optimization of SIEM, SOAR, EDR/XDR, and threat intelligence platforms.
- Define incident response, detection, and escalation processes.
- Provide executive guidance during major security incidents and post-incident reviews.
Penetration Testing & Offensive Security.
- Lead or oversee penetration testing, vulnerability assessments, red-team exercises, and security testing programs.
- Review findings, prioritize remediation, and advise on risk-based mitigation strategies.
- Ensure offensive security outcomes are translated into practical defensive improvements.
Solution Architecture & Delivery Oversight.
- Define enterprise security architectures covering cloud, application, network, identity, and data security.
- Oversee security implementation programs, ensuring design integrity, delivery quality, and risk reduction.
- Collaborate with delivery teams, partners, and vendors to ensure successful outcomes.
- Provide technical governance and quality assurance across security initiatives.
- Support pre-sales, proposals, and solution shaping for strategic security engagements.
- Lead executive workshops, board-level briefings, and security strategy sessions.
- Build long-term trusted relationships with customer stakeholders.
Required Experience & Skills
- 12+ years of progressive experience in cybersecurity, with significant technical expertise.
- Proven experience working with large enterprises or regulated industry customers.
- Demonstrated success engaging with executives and C-suite leaders.
- Experience leading multi-domain security programs across GRC, SOC, and offensive security.
Technical Expertise:
- Strong understanding of:
  - Cybersecurity architecture (cloud, on-prem, hybrid)
  - GRC frameworks and regulatory compliance
  - SOC operations, incident response, and threat management
  - Penetration testing and vulnerability management
- Familiarity with major security platforms and tools (SIEM, EDR/XDR, IAM, CSPM, DLP, SOAR)
Leadership & Communication:
- Exceptional ability to communicate complex security topics in business language.
- Strong consulting mindset with stakeholder management and influence skills.
- Ability to challenge customer assumptions and guide risk-based decision-making.
- Experience mentoring teams and providing technical leadership.
Certifications (Preferred):
- CEH, OSCP, or equivalent offensive security certifications
- Cloud security certifications (AWS, Azure, or GCP Security)