Cybersecurity Consultant (AWS Cloud Security, SOC)

Cybersecurity Consultant

Our client is in the educational institution sector, delivering academic excellence while safeguarding student, research, and institutional data through robust cybersecurity practices.

We are seeking an experienced Cybersecurity professional to lead and strengthen our enterprise security posture across cloud and on-premise environments. This role will drive cybersecurity governance, manage SOC/MSSP operations, oversee regulatory compliance initiatives (including Cyber Trust Mark and ISO 27001), and ensure proactive defense against evolving cyber threats.

Key Responsibilities

• Cloud Security Governance: Implement and continuously enhance security controls across public cloud platforms (Azure, AWS, Google Cloud, M365) to safeguard enterprise systems and data.
• Security Architecture & Controls: Design, review, and enforce cybersecurity policies, standards, and operational procedures aligned with industry best practices and regulatory requirements.
• SOC & MSSP Management: Manage and oversee Managed Security Service Providers (MSSP) and Security Operations Center (SOC) functions, ensuring effective monitoring, incident detection, response, SLA adherence, and continuous improvement.
• Cyber Trust Mark & ISO 27001: Lead and support Cyber Trust Mark certification initiatives and ISO 27001 ISMS implementation, maintenance, internal audits, and external certification processes.
• Risk & Threat Management: Conduct technical risk assessments, threat modelling, and system resilience reviews. Investigate threat intelligence feeds and emerging vulnerabilities to mitigate enterprise risk exposure.
• Security Testing & Assurance: Coordinate and manage security assessments including code reviews, vulnerability assessments, penetration testing, red teaming, and remediation tracking.
• Incident Response & Forensics: Lead cybersecurity incident response activities, perform root cause analysis, coordinate containment strategies, and drive post-incident improvement plans.
• Security by Design: Partner with infrastructure, application, and business teams to embed security controls into solution architecture and operational processes.
• Awareness & Engagement: Drive enterprise-wide cybersecurity awareness initiatives, phishing simulations, tabletop exercises, and crisis response drills.
• Compliance & Regulatory Reporting: Prepare executive-level dashboards and reports for senior management, board committees, and regulatory/statutory bodies.
• Security Technology Management: Oversee procurement, implementation, and lifecycle management of security tools across domains such as EDR/XDR, IAM, encryption, DLP, CASB, MDM, Zero Trust, and cloud security solutions.
• Continuous Improvement: Stay abreast of emerging cyber threats, regulatory updates, and technology advancements to guide long-term cybersecurity strategy.

Requirements

• Degree in Computer Science, Information Security, or related discipline with at least 6 years of relevant cybersecurity experience.
• Strong hands-on experience in public cloud security (Azure, M365) and governance frameworks such as ISO 27001, NIST, MTCS, and PDPA.
• Proven experience managing MSSP/SOC operations and vendor relationships.
• Experience leading or supporting Cyber Trust Mark certification and ISO 27001 audits.
• Knowledge of additional compliance frameworks such as IM8, ISO 31000, PCI-DSS, or MAS TRM is advantageous.
• Professional certifications such as CISSP, CISM, CISA, CEH, CHFI, CREST or equivalent are preferred.
• Strong stakeholder management skills with the ability to translate technical risks into business impact for senior leadership.
• Analytical, structured thinker with strong judgement and collaborative working style.

Argyll Scott Asia is acting as an Employment Agency in relation to this vacancy.