Lead Consultant, GRC

NCS is a leading technology services firm that operates across the Asia Pacific region in over 20 cities, providing consulting, digital services, technology solutions, and more. We believe in harnessing the power of technology to achieve extraordinary things, creating lasting value and impact for our communities, partners, and people. Our diverse workforce of 13,000 has delivered large-scale, mission-critical, and multi-platform projects for governments and enterprises in Singapore and the APAC region. 

As a Lead Consultant, GRC this incumbent will have at least 10 years of experience in cybersecurity and will provide professional services and advisory to our clients. This role involves assessing security measures, identifying vulnerabilities, and recommending solutions to enhance our clients' security posture.

What will you do?

• Plan and conduct Independent Reviews (IT process audits) on selected Applications/ Infrastructure with approval from Client to undercover gaps, improvement areas with the inclusion of tracking & reporting of remediation status to closure.
• Provide guidance to auditors within team to deliver high-quality work.
• Mentor auditors within team and ensure their professional growth and competency.
• Manage multiple stakeholders within a complex client environment.
• Conduct quarterly briefing sessions to project teams on frequently used policies/ directives and common observations/improvement area from audits to enhance compliance and create awareness.
• Provide consultation to project teams on queries related to standards/ policies/ directives.
• Provide advisory and QA to project teams and stakeholders on their responses, evidence, remediation plan to auditors or compliance related declarations during external audit exercise.
• Propose and implement improvement initiatives to enhance audit processes and compliance readiness
• Develop materials and tools for delivery of consultancy services (e.g. workpapers, report templates)

The ideal candidate should possess:

• Degree or higher in Cybersecurity, Computer Science, Engineering, or Information Systems
• Minimum of 10 years working in areas of information security governance, risk management, and audit; experience in other areas of information security will be considered
• Experience in Singapore based Government projects will have an added advantage
• Knowledge of:
  • Information security standards and frameworks such as ISO 27001/2, MAS TRM, NIST CSF, GovTech IM8, and CIS Controls
  • Security technologies and operations
  • GRC tools (ServiceNow IRM, RSA Archer)
  • Relevant industry certifications such as CISSP, CISM, CISA, CRISC and ISO27001 Lead Auditor are highly desirable.
• Experience in leading a team.
• Excellent in oral and written communication.
• Highly motivated individual with a positive “can-do” attitude, creative with excellent presentation, communication, negotiation, and interpersonal skills including strong persuasive techniques.

We are driven by our AEIOU beliefs—Adventure, Excellence, Integrity, Ownership, and Unity—and we seek individuals who embody these values in both their professional and personal lives. We are committed to our Impact: Valuing our clients, Growing our people, and Creating our future.  

Together, we make the extraordinary happen.  

Learn more about us at ncs.co and visit our LinkedIn career site.