Cybersecurity Consultant – ISO 27001, NIST Expert

About Stone Cybersecurity Pte Ltd

Stone Cybersecurity Pte Ltd is a leading cybersecurity consulting firm in Singapore and a CREST-accredited service provider. We help organizations across industries strengthen their security posture, achieve compliance, and mitigate cybersecurity risks. Our team is passionate about protecting businesses from cyber threats and fostering a collaborative and innovative work environment that values continuous learning and professional growth.

The Opportunity

We are seeking a highly skilled Cybersecurity Consultant to lead ISO 27001 and NIST audit and readiness services. The ideal candidate will play a critical role in helping clients strengthen their cybersecurity posture, achieve compliance with industry best practices, and implement robust security architectures.

[Key Responsibilities]

Compliance & Audit Expertise

• Conduct ISO 27001 and NIST audits, identifying security gaps and areas for improvement.

• Perform readiness assessments and assist clients in preparing for certification audits.

• Guide organizations through ISO 27001 certification preparation and internal audit processes.

• Provide consulting on NIST Cybersecurity Framework (CSF), NIST 800-53, and NIST 800-171 compliance and security controls.

Security Architecture & Risk Management

• Design, implement, and test system security architectures to meet compliance and security standards.

• Perform risk assessments, threat modeling, and security reviews to identify vulnerabilities and recommend mitigations.

• Work closely with technical teams to assess security postures and improve security designs.

Security Awareness & Policy Development

• Develop information security policies and procedures aligned with industry best practices.

• Deliver engaging security awareness training to educate employees on cybersecurity risks and best practices.

• Support clients with incident response planning and security governance frameworks.

[What You Bring]

Must-Have Qualifications

• Bachelor’s degree in Cybersecurity, Information Security, Computer Science, or a related field.

• Minimum 3 years of experience in cybersecurity consulting, compliance audits, risk management, or security architecture.

• Expertise in ISO 27001:2022, NIST CSF and NIST 800-53 frameworks.

• Experience in designing, implementing, and testing system security architecture.

• Strong knowledge of compliance regulations (e.g., MAS TRM, PDPA, GDPR).

• Excellent report writing, presentation, and communication skills.

• Ability to work independently and manage client engagements.

Preferred Certifications (Highly Advantageous)

• ISO 27001 Lead Auditor / Implementer

• CISSP, CISA, CISM, CRISC

• CREST Registered Technical Security Architect (CRTSA)

• Information Systems Security Architecture Professional (CISSP-ISSAP)

Additional Preferences

• Experience with penetration testing, security architecture, or cloud security frameworks is a plus.

• Familiarity with SIEM, SOC operations, and security tools.

• Candidates who can join quickly will be given preference.

Why Join Us?

• Work with a highly skilled cybersecurity team in a CREST-accredited firm.

• Exposure to diverse cybersecurity projects across multiple industries.

• Opportunities for continuous learning and professional growth.

• Competitive salary and benefits package.