Consultant, Governance, Risk & Compliance

Other Jobs To Apply

NCS is a leading technology services firm that operates across the Asia Pacific region in over 20 cities, providing consulting, digital services, technology solutions, and more. We believe in harnessing the power of technology to achieve extraordinary things, creating lasting value and impact for our communities, partners, and people. Our diverse workforce of 13,000 has delivered large-scale, mission-critical, and multi-platform projects for governments and enterprises in Singapore and the APAC region. 

As a Security Consultant (GRC), you will be involves in assessing security measures, identifying vulnerabilities, and recommending solutions to enhance our clients' security posture.

What will you do?

  • Provide security risk assessment services to clients to help identify, analyse, evaluate and treat security risks.
  • Perform security architecture and design reviews to identify and address security gaps
  • Perform cyber threat modelling using known industry methodologies such as the MITRE ATT&CK, STRIDE-LM and PASTA.
  • Perform compliance and readiness assessments against security standards and frameworks.
  • Perform cybersecurity audits against regulatory requirements.
  • Conduct security workshops (e.g. training and awareness, table-top exercises, etc)
  • Collaborate with internal teams and clients to deliver security requirements for complex projects.
  • Manage multiple projects as a team to ensure that deliverables are completed in a timely manner
  • Develop materials and tools for delivery of consultancy services (e.g. workpapers, report templates).
  • Prepare high-quality reports and documentation for clients.

The ideal candidate should possess:

  • Degree or higher in Cybersecurity, Computer Science, Engineering, or Information Systems
  • Minimum of 1-3 years working in areas of cybersecurity risk management, cyber governance and/or audit; experience in other areas of cybersecurity will be considered
  • Experience in Singapore based Government projects will have an added advantage
  • Knowledge of cybersecurity frameworks, industry standards or regulatory requirements such as the following will be advantageous:
    • NIST Cyber Security Framework;
    • GovTech ICT&SS;
    • System Security Plan
    • Cybersecurity Code of Practice;
    • MITRE ATT&CK Framework
  • Industry certifications such as CISSP, CRISC and CISA are highly desirable.
  • Highly motivated individual with a positive “can-do” attitude, creative with excellent oral and written communication skills.
  • Due to government project sensitivity, we will only consider Singapore Citizen

We are driven by our AEIOU beliefs—Adventure, Excellence, Integrity, Ownership, and Unity—and we seek individuals who embody these values in both their professional and personal lives. We are committed to our Impact: Valuing our clients, Growing our people, and Creating our future.  

Together, we make the extraordinary happen.  

Learn more about us at ncs.co and visit our LinkedIn career site. 

Back to blog

Related Posts