Job Description

Ensign is hiring !

Responsibilities:
• Report to the Head of Cyber Strategy Consulting.
• Lead and deliver cybersecurity strategy consulting engagements such as Cybersecurity Maturity Assessments, advisory, business transformation, Framework and Policy reviews.
• Serve as a trusted advisor to senior client stakeholders (Board, C-suite, CIO/CISO, Risk leaders).
• Use a Threat-Informed Defence approach to contextualise and prioritise actionable cybersecurity strategies given the client’s business objectives and environment.
• Facilitate workshops and discussions to elicit stakeholder inputs using design-thinking approaches.
• Lead workstreams or small teams across multiple engagements, managing client expectations, ensuring high-quality and on-time delivery.
• Coach and mentor junior consultants, providing guidance on both technical and consulting skills.
• Drive service improvements and innovation by contributing to internal methodologies, accelerators, and intellectual capital.
• Contribute to thought leadership (e.g. whitepapers, public consultations, podcasts).
• Support proposal development, client pursuits, and account growth activities.
• Stay current on emerging cyber threats, regulations, and industry trends to inform client advice.

Requirements: 
• Relevant cybersecurity certification, e.g. CISSP, CISM
• Bachelor’s degree in Information Security, Engineering, Computer Science, Information Systems, or relevant fields. Relevant Master’s degree will be a plus.
• Typically 6–10+ years of experience in cybersecurity, technology, or management consulting, with at least:
• 3+ years in a client-facing consulting or advisory role
• Demonstrated experience delivering cybersecurity strategy or technology transformation engagements
• Strong structured problem-solving and analytical skills.
• Excellent written and verbal communication, including the ability to communicate complex cyber topics to non-technical executives.
• Executive presence and confidence in engaging senior stakeholders.
• Keep abreast of business and technology trends and understand the implications to the clients.
• Comfortable working in ambiguous, fast-paced environments.
• Collaborative team player with a coaching mindset.
• Proficient in Microsoft Office suite and track record of developing high quality deliverables to clients.
• Applicants selected may be subjected to security screening and may need to meet eligibility requirements for access to classified information.

Preferred Skills /Qualities: 
• Familiar with international regulations such as Cybersecurity Laws, Privacy Laws, and international cybersecurity standards, including NIST Cybersecurity Framework, NIST SP 800-53, IEC 62443, MITRE ATT&CK and/or ISO 27001.
• Experience working with or advising regulated industries (e.g. financial services, critical infrastructure, healthcare, public sector) is a plus.
• Experience engaging with regulators or internal risk/compliance functions is a plus.
• Familiarity with developing and implementing cybersecurity strategies, developing and delivering tabletop exercises and executive trainings are a plus.
• Experience in incident or crisis management is a plus.
• Business or native proficiency in languages other than English is a plus.
• Ability to travel 25% of the time.