Cyberjaya
1 day ago
Cybersecurity Lead Consultant

Job Title: Cybersecurity Lead Consultant (GRC, SOC & Offensive Security).

Overview: 

·       We are seeking a senior Cybersecurity Lead Consultant with deep, hands-on expertise across Cybersecurity Architecture, Governance Risk & Compliance (GRC), Security Operations (SOC), and Penetration Testing.

·       This role combines technical depth, strategic advisory, and executive-level communication, enabling the consultant to guide enterprise customers in defining, implementing, and maturing their cybersecurity programs.

·       The ideal candidate is a trusted advisor to C-suite and senior leadership, capable of articulating security trade-offs, business risk, and ROI, while also laying the foundation and overseeing large-scale security implementations.

Key Responsibilities

Cybersecurity Strategy & Advisory.

·       Act as a lead security advisor to enterprise customers, including CIO, CISO, CTO, and Risk Leaders

·       Define end-to-end cybersecurity strategies and roadmaps aligned to business goals, regulatory requirements, and risk appetite.

·       Clearly articulate pros and cons of security architectures, tools, and operating models, enabling informed executive decisions.

·       Translate technical security risks into business impact, financial exposure, and compliance implications.

Governance, Risk & Compliance (GRC).

·       Lead GRC assessments, risk profiling, and compliance programs.

·       Design and implement security governance frameworks aligned to ISO 27001, NIST, SOC 2, PCI-DSS, GDPR, HIPAA, and regional regulations.

·       Define policies, standards, controls, and risk treatment plans.

·       Support audits, regulatory assessments, and executive risk reporting.

Security Operations & SOC.

·       Design and assess SOC operating models (in-house, managed, hybrid).

·       Oversee implementation and optimization of SIEM, SOAR, EDR/XDR, and threat intelligence platforms.

·       Define incident response, detection, and escalation processes.

·       Provide executive guidance during major security incidents and post-incident reviews.

Penetration Testing & Offensive Security.

·       Lead or oversee penetration testing, vulnerability assessments, red-team exercises, and security testing programs.

·       Review findings, prioritize remediation, and advise on risk-based mitigation strategies.

·       Ensure offensive security outcomes are translated into practical defensive improvements.

Solution Architecture & Delivery Oversight.

·       Define enterprise security architectures covering cloud, application, network, identity, and data security.

·       Oversee security implementation programs, ensuring design integrity, delivery quality, and risk reduction.

·       Collaborate with delivery teams, partners, and vendors to ensure successful outcomes.

·       Provide technical governance and quality assurance across security initiatives.

Pre-Sales & Executive Engagement.

·       Support pre-sales, proposals, and solution shaping for strategic security engagements.

·       Lead executive workshops, board-level briefings, and security strategy sessions.

·       Build long-term trusted relationships with customer stakeholders.

 

Required Experience & Skills
Experience.

·       12+ years of progressive experience in cybersecurity, with significant technical expertise.

·       Proven experience working with large enterprises or regulated industry customers.

·       Demonstrated success engaging with executives and C-suite leaders.

·       Experience leading multi-domain security programs across GRC, SOC, and offensive security.

 

Technical Expertise. Strong understanding of:

·       Cybersecurity architecture (cloud, on-prem, hybrid)

·       GRC frameworks and regulatory compliance

·       SOC operations, incident response, and threat management

·       Penetration testing and vulnerability management

·       Familiarity with major security platforms and tools (SIEM, EDR/XDR, IAM, CSPM, DLP, SOAR).

Leadership & Communication:

·       Exceptional ability to communicate complex security topics in business language.

·       Strong consulting mindset with stakeholder management and influence skills.

·       Ability to challenge customer assumptions and guide risk-based decision-making.

·       Experience mentoring teams and providing technical leadership.

 

Certifications (Preferred):

·       CISSP, CISM, CISA, CRISC

·       ISO 27001 Lead Implementer / Auditor

·       CEH, OSCP, or equivalent offensive security certifications

·       Cloud security certifications (AWS, Azure, or GCP Security)
