Senior Consultant, Protect, Digital Risks (m/w/d)

Control Risks is seeking an experienced Senior Consultant to join its rapidly growing Digital Risk team. This is a unique opportunity that requires a highly motivated and diligent client-facing individual to join a highly successful team.  

The successful candidate will help deliver Control Risks’ cyber security risk assessment engagements primarily across the EMEA region and act as a subject matter expert on cyber security risk assessment. The candidate will need to demonstrate experience and expertise in the delivery of cyber security risk assessments and maturity and effectiveness in working with senior client stakeholders. The candidate will also need to be a team-player who is passionate about delivering high quality cyber security advice to some of the world’s largest organisations.   

Located in either Frankfurt or London, the successful candidate will be able to travel up to 25% of working time, with the occasional need to travel over weekends. Travel will primarily be in Europe but may include travel to Africa and further afield. The successful candidate must hold a valid passport for international travel. 

The successful candidate will have a minimum of 5 years of experience in a cyber security assurance and/or advisory role and will need to demonstrate deep understanding of the cyber security challenges facing our clients. The candidate will have an established track-record of delivering cyber security risk assessment projects to a diverse range of clients.  

Requirements

Managing and delivering client projects 

• Delivering projects (e.g., conducting asset identification exercises, cyber risk assessments against ISO and NIST CSF 2.0 standards, and demonstrating cyber audit expertise). 

• Managing different types of client meetings and maintaining positive and respectful client relationships.  

• Line management and upskilling of junior resources within the Digital Risks, Protect team. 

• Strategic delivery acting as virtual-CISO for our clients on an ongoing basis. 

• Project management of multiple cyber risk advisory engagements (e.g. running kick-off meetings, refining outputs, developing recommendations). 

• Working with key project stakeholders (e.g., gathering information from interviews, document reviews and presenting findings) while maintaining the confidence of the client through clear communication and good project management. 

• Provide flexible and responsive support as and when crisis management support is required and can be provided.  

Business Development 

• Owning end-to-end development and management of proposals for future client work. 

• Project scoping and planning, to support pricing.  

• Maintain up-to-date presale documents. 

• Contributing to and building complex, multi-service line proposals. 

• Cultivating long-term relationships with clients. 

• Participating in marketing to build the Control Risks brand. 

You must have all of these 

• Fluency in written and spoken English. 

• Experience in delivering cyber security risk assessments within an established global consultancy.  

• Proven experience in delivering risk assessments for several different clients against industry standards (NIST CSF, 800-53 and ISO27001). 

• An excellent knowledge of IT and network infrastructure, alongside cyber security best practices for securing networks. 

• The ability to explain difficult technical concepts and ideas in non-technical terms to senior executives. 

You might have some of these 

• Fluency in written and spoken German.  

• Strong understanding of operational technology cyber security best practices 

• A working familiarity on personal information and critical infrastructure information and cyber security regulations in the EU and wider European region. 

• A deep understanding of governance, standards, and compliance as they pertain to cyber security. 

• An undergraduate degree in a field related to security, information security, intelligence, or computer science.  

• Have a broad corporate experience and understanding of business process outsourcing and managing the third party cyber and information security risks that may arise. 

• Good knowledge of cyber risk issues impacting clients in Europe. 

• Undergraduate or ideally, a post graduate degree in a field related to security, information security, intelligence, or computer science.  

• CISSP, CISM, ISO27001 lead auditor, SANs or similar industry qualifications/certifications would be preferred. 

• Able to understand and analyse the client’s requirement and find solutions which are tailored to fit their needs. 

• An eagerness to find solutions which are practical and realistic to the threats and risks that clients face. 

• Capable of handling multiple priorities and tight deadlines while interacting with colleagues and clients. 

• Strong interpersonal skills; must be able to network and influence both internally and externally across different industries and functions.  

• Excellent communication and presentation skills.  

• Be able to continually act with diplomacy, tact, and integrity.  

• Ability to deliver whilst maintaining highest the professional standards and be results orientated.  

• Ability to think laterally helping to solve client issues.  

• Ability to travel internationally across Europe and occasionally Africa. 

We are looking for people who 

• Want to be part of something unique and distinctive, and have a passion for cyber security. 

• Take pride in their work and have exceptional attention to detail. 

• Thrive in a fast paced, innovative, and highly stimulating environment.  

• Are flexible in challenging situations, and relish teamwork.  

All employees are expected to display behaviours reflective of our company values: Integrity and Ethics, Collaboration and Teamwork, Commitment to People and Professionalism and Excellence. 

Benefits

• Control Risks offers a competitively positioned compensation and benefits package that is transparent and summarized in the full job offer.
• Control Risks supports hybrid working arrangements, wherever possible, that emphasize the value of in-person time together - in the office and with our clients - while continuing to support flexible and remote working.