Senior Consultant, Cyber Strategy

Ensign is hiring !

Responsibilities:
•           Report to the Head of Cyber Strategy Consulting.
•           Lead and deliver cybersecurity strategy consulting engagements such as Cybersecurity Maturity Assessments, advisory, business transformation, Framework and Policy reviews.
•           Serve as a trusted advisor to senior client stakeholders (Board, C-suite, CIO/CISO, Risk leaders).
•           Use a Threat-Informed Defence approach to contextualise and prioritise actionable cybersecurity strategies given the client’s business objectives and environment.
•           Facilitate workshops and discussions to elicit stakeholder inputs using design-thinking approaches.
•           Lead workstreams or small teams across multiple engagements, managing client expectations, ensuring high-quality and on-time delivery.
•           Coach and mentor junior consultants, providing guidance on both technical and consulting skills.
•           Drive service improvements and innovation by contributing to internal methodologies, accelerators, and intellectual capital.
•           Contribute to thought leadership (e.g. whitepapers, public consultations, podcasts).
•           Support proposal development, client pursuits, and account growth activities.
•           Stay current on emerging cyber threats, regulations, and industry trends to inform client advice.
 
Requirements: 
•           Relevant cybersecurity certification, e.g. CISSP, CISM
•           Bachelor’s degree in Information Security, Engineering, Computer Science, Information Systems, or relevant fields. Relevant Master’s degree will be a plus.
•           Typically 6–10+ years of experience in cybersecurity, technology, or management consulting, with at least:
•           3+ years in a client-facing consulting or advisory role
•           Demonstrated experience delivering cybersecurity strategy or technology transformation engagements
•           Strong structured problem-solving and analytical skills.
•           Excellent written and verbal communication, including the ability to communicate complex cyber topics to non-technical executives.
•           Executive presence and confidence in engaging senior stakeholders.
•           Keep abreast of business and technology trends and understand the implications to the clients.
•           Comfortable working in ambiguous, fast-paced environments.
•           Collaborative team player with a coaching mindset.
•           Proficient in Microsoft Office suite and track record of developing high quality deliverables to clients.
•           Applicants selected may be subjected to security screening and may need to meet eligibility requirements for access to classified information.
 
Preferred Skills /Qualities: 
•           Familiar with international regulations such as Cybersecurity Laws, Privacy Laws, and international cybersecurity standards, including NIST Cybersecurity Framework, NIST SP 800-53, IEC 62443, MITRE ATT&CK and/or ISO 27001.
•           Experience working with or advising regulated industries (e.g. financial services, critical infrastructure, healthcare, public sector) is a plus. 
•           Experience engaging with regulators or internal risk/compliance functions is a plus.
•           Familiarity with developing and implementing cybersecurity strategies, developing and delivering tabletop exercises and executive trainings are a plus.
•           Experience in incident or crisis management is a plus.
•           Business or native proficiency in languages other than English is a plus.
•           Ability to travel 25% of the time.