vCYBERIZ

GRC Consultant

Run Cybersecurity Maturity Assessments (CMA/SMA) and risk evaluations for clients, aligned with industry frameworks, to improve security posture, governance, and operational resilience. Deliver gap assessments, cybersecurity roadmaps, and executive-level reporting while supporting compliance and audit readiness initiatives.

Job Description

On-site
vCyberiz Sdn Bhd, Selangor, Malaysia

Team: Security Consulting

Designation: Consultant – Cyber Risk & Compliance

Job Role: Run Cybersecurity Maturity Assessments (CMA/SMA) and risk evaluations for clients, aligned with industry frameworks, to improve security posture, governance, and operational resilience. Deliver gap assessments, cybersecurity roadmaps, and executive-level reporting while supporting compliance and audit readiness initiatives.

Experience: 5+ years

Job Location: vCyberiz Sdn Bhd, Selangor, Malaysia

Shifts: Day Shift (flexibility required; on-call support when needed)

Essential Technical skills:
  • Experience conducting Cybersecurity Maturity Assessments aligned with frameworks such as NIST CSF, ISO 27001, COBIT, and CMMI.
  • Experience performing qualitative and quantitative cyber risk assessments to identify, prioritize, and mitigate security risks.
  • Experience assessing third-party and supply chain cybersecurity risks.
  • Strong understanding of cybersecurity governance, risk management, and compliance frameworks including NIST RMF, ISO 27005, ISO 31000, and NIST 800-30.
  • Experience supporting ISO 27001 and ISO 20000-1 certification readiness and audit activities.
  • Ability to develop cybersecurity roadmaps, gap analyses, and maturity improvement plans.
  • Familiarity with FAIR risk methodology and cybersecurity risk assessment tools.

Non-Technical Skills

  • Strong ability to communicate cybersecurity risks and assessment findings to executive and non-technical stakeholders.
  • Experience facilitating client workshops and training sessions on cybersecurity best practices.
  • Ability to manage end-to-end client engagements from scoping through final report delivery.
  • Experience collaborating with IT, Risk, and Compliance teams to align cybersecurity initiatives with business objectives.
  • Strong analytical, presentation, and report-writing skills.
  • Ability to mentor junior consultants and support knowledge sharing within the team.
  • Experience supporting business development activities, including proposal writing and client presentations.

Skills

Cybersecurity ConsultingRisk ManagementGovernance & ComplianceClient EngagementExecutive ReportingWorkshop FacilitationStakeholder ManagementAudit ReadinessBachelor’s/Master’s in CybersecurityBachelor's/Master's in Information SecurityCRISCISO 27001 LACC (ISC)²

Note: Only accepts pdf files (max 10MB)