Job Description

Ensign is hiring !

CISO-as-a-Service and Cybersecurity Advisory

• Serve as a virtual CISO for clients, providing cybersecurity leadership, strategy, governance and oversight.
• Develop, implement and maintain cybersecurity policies, procedures, standards and operating models for clients.
• Provide cybersecurity risk management services, including risk assessments, vulnerability assessments, maturity assessments, threat analysis and security programme reviews.
• Advise client executive teams and senior stakeholders on cybersecurity strategy, risk posture, regulatory obligations and investment priorities.
• Conduct cybersecurity programme assessments and provide practical recommendations to improve clients’ security posture and resilience.
• Provide guidance and mentorship to clients’ internal security teams, including support for policy development, programme management, risk governance and security operations.
• Develop and deliver cybersecurity training, awareness and executive briefing programmes for clients.
• Support incident readiness, response planning and crisis management activities, including tabletop exercises and executive-level cyber simulations.
• Work with internal cybersecurity professionals to ensure client programmes are aligned with the organisation’s broader security strategy, service capabilities and delivery standards.
• Assist in developing proposals, statements of work, service plans, executive presentations and other client-facing deliverables as part of the sales and account development process.

Client Success and Service Delivery Leadership

• Lead and manage a team of Client Success Managers responsible for client engagement, resource coordination, service delivery tracking and client satisfaction.
• Oversee resource allocation, resource management and utilisation across cybersecurity service engagements to ensure effective deployment of consultants, analysts and technical specialists.
• Manage client success activities across a broad portfolio of cybersecurity services, including but not limited to security testing, red teaming, purple teaming, threat hunting, incident response, maturity and risk assessments, tabletop exercises, advisory services and cyber threat intelligence services.
• Ensure that cybersecurity engagements are delivered in accordance with agreed scope, budget, schedule, resource plans and quality expectations.
• Monitor service delivery performance, including project progress, consultant utilisation, delivery risks, client satisfaction, financial performance and operational escalations.
• Work closely with practice leads, delivery teams, project managers and sales teams to balance client demand, delivery capacity and commercial objectives.
• Act as an escalation point for client management matters, including delivery issues, scope changes, resourcing constraints, service quality concerns and stakeholder alignment.
• Drive structured account governance with clients, including regular service reviews, delivery updates, risk discussions, roadmap planning and executive-level reporting.
• Support client retention, growth and expansion by identifying opportunities to enhance service value, improve cybersecurity outcomes and deepen client relationships.
• Ensure consistent delivery standards, reporting quality and client communication across multiple cybersecurity service lines.
• Contribute to the development of service delivery frameworks, client success processes, utilisation dashboards and operating metrics to improve delivery efficiency and management visibility.

Qualifications

• Bachelor’s degree in Computer Science, Information Security, Cybersecurity, Information Systems or a related field preferred.
• At least 10 years of experience in cybersecurity, with prior experience in CISO, virtual CISO, cybersecurity advisory, consulting leadership or similar senior roles preferred.
• Proven experience managing cybersecurity service delivery, client engagements, project portfolios or consulting teams.
• Strong understanding of cybersecurity concepts and technologies, including network security, endpoint security, cloud security, identity security, threat intelligence, security testing, incident response and security operations.
• Experience developing and implementing cybersecurity policies, procedures, standards, governance frameworks and security operating models.
• Strong understanding of current cyber threats, adversary tactics, regulatory expectations and industry trends.
• Experience managing budgets, schedules, resources, utilisation and service delivery performance across multiple client engagements.
• Ability to lead teams, manage senior client stakeholders and coordinate across sales, delivery, technical and advisory functions.
• Excellent communication, presentation and interpersonal skills, with the ability to communicate cybersecurity risks and technical matters to both technical and non-technical stakeholders.
• Strong commercial awareness, with experience supporting proposals, statements of work, account planning and client growth activities.
• Relevant certifications such as CISSP, CISA, CISM, CRISC or equivalent are essential.

Candidates Possessing the Following Experience / Skills Will Be Considered Favourably

• Familiarity with Singapore cybersecurity regulations, regulatory expectations and industry-specific cybersecurity standards.
• Experience providing services related to the Singapore Cybersecurity Code of Practice, including CCoP-aligned assessments, advisory or implementation support.
• Experience supporting cybersecurity programmes for critical information infrastructure, financial services, government, healthcare, transport, energy, telecommunications or other regulated sectors.
• Experience delivering or overseeing services such as security testing, red teaming, purple teaming, threat hunting, incident response, tabletop exercises, cyber threat intelligence, governance reviews and maturity assessments.
• Strong client engagement and stakeholder management skills, particularly with C-suite, board-level, risk, technology and security leadership stakeholders.
• Demonstrated ability to manage client expectations, resolve delivery escalations and maintain trusted advisor relationships.
• Experience building or managing client success, service delivery or consulting operations teams.
• Strong understanding of project financials, consultant utilisation, resource planning and delivery governance.