Job Description

We are seeking a Cybersecurity Auditor/Assistant Manager/Manager to support our Cybersecurity Consulting practice. This position assists Consultants in planning and executing information technology audits, client risk assessments, data privacy protection and GRC Advisory engagements for our rapidly expanding client portfolio.

Responsibilities:

• Support Seniors and Consultants with onsite assessments, such as IM8+, MAS TRM, Cyber Hygiene notices/circulars, ISO 27001, Maturity Assessment, Data Privacy advisory, Social Engineering exercises and NIST CSF engagements
• Manage client relationships and expectations with effective communication
• Coordinate day-to-day operations with Seniors, Consultants and clients (i.e. schedule and lead meetings; create agendas; develop document request lists; document walkthrough narratives, control designs and tests of operating effectiveness)
• Assist Senior Consultants with the preparation and review of draft reports
• Assist with audit quality and assurance procedures
• Utilise base knowledge of information security systems, risks and controls
• Perform other administrative duties and assist with internal initiatives as assigned

• Bachelor’s degree from an accredited university in IT, accounting, data analytics or a related field
• Two to five (2-5) years of experience in information security, IT audit or a related field preferred
• Focused experience with ISO 27001/MAS TRM/SOC/IM8/NIST preferred
• Ideally, working knowledge and technical experience with Windows OS, Linux, AWS, GCP, Azure, and SQL Server
• Understanding of TCP/IP, common networking ports and protocols, traffic flow, system administration, OSI model, defense-in-depth and common security elements
• Familiarity with tools, such as GSuite, Trello, Slack, Discord
• Excellent interpersonal, written and verbal communication skills
• Exemplary time-management skills with the ability to juggle multiple projects and priorities
• Self-starter with a solution-oriented mindset and the ability to thrive in a fast-paced environment, at times with well-defined goals, but limited formal procedures/structure
• Must be a team player, passionate about the BDO mission, and have an innovative mindset
• Working toward or already have certifications, such as CISA, CISSP, CISM, CRISC, CDPSE, CIPM, CIPT, CSX-F, PCI QSA, and others related to information security and audit