Cyber Risk Position:
Associate Reporting line:
Managing Director, Cyber Risk vCISO/DPO Location:
Asia Pacific Region - Philippines
Kroll is the leading global provider of risk solutions. For more than 40 years, Kroll has helped clients make confident risk management decisions about people, assets, operations, and security through a wide range of investigations, cyber security, due diligence and compliance, physical and operational security, and data and information management services. Headquartered in New York with more than 50 offices across nearly 30 countries, Kroll has a multidisciplinary team of over 5,000 employees and serves a global clientele of law firms, financial institutions, corporations, non-profit institutions, government agencies, and individuals.
This is an excellent opportunity to join the leadership of a rapidly growing, world-leading global team at the forefront of cyber security and investigations.
For more details about the wide range of cyber risk management services, please go to www.kroll.com/en/services/cyber-risk Job Description
- Leveraging Information Security and Cyber Security experience, and working with the global team for delivery of various vCISO, technical assessments, data privacy compliance, cyber risk assessments, data protection impact assessments, governance reviews and other security assessment and risk advisory services
- Analysing and assessing risk to client's information technology systems and enterprise environment either in one-off engagements or as the client's permanent partner
- Able to deliver assessments and thought leadership across a range of security frameworks and topics, such as but not limited to NIST Cyber Security Framework, Cloud Security, Security Operations Centre, ISO 27001
- Taking ownership of projects and deliverables and assisting in strategy planning for delivering CISO related services as assigned
- Knowledgeable or with experience of data privacy and data protection laws, regulations and operational implementation, such as EU-GDPR, Singapore PDPA, Philippine DPA of 2012 and other jurisdictional personal data laws and regulations.
- Working knowledge of key security focus topics, such as DevSecOps, Vulnerability Management, Cloud Security,etc.
- Producing accurate, high quality client reports and proposals
- Creating high quality cyber security policies and procedures
- Staying up-to-date with relevant cyber security legislation, frameworks and industry trends
- Coordinating and working closely with team members in other Kroll offices
- Must have demonstrable experience of at least four years within security and/or data protection departments within medium to large organisations
- Be a hands-on practitioner when it comes to analysing, assessing and managing risk
- Understand relevant cyber security legislation and regulatory/ maturity frameworks
- Have excellent written and spoken English (knowledge of a second Asian language an advantage)
- Able to manage multiple projects on a daily basis
- CISSP, CISA, CISM, CIPM, CIPP certifications preferred but not required
- Willingness to travel
Above all, Kroll expects candidates to be excellent communicators, intellectually curious and willing to immerse themselves into new challenges. In return, the company provides an environment where there is on-going training and unparalleled exposure to a wide range of clients, assignments and technologies.
In order to be considered for a position, you must formally apply via careers.kroll.com.
Kroll is committed to equal opportunity and diversity, and recruits people based on merit.