Manager, Cybersecurity Exercises & CII Risk Assessment

Key Responsibilities

• Lead the end-to-end conduct of cybersecurity exercises including pre-sales, exercise planning, scenario development, and reporting
• Conduct current state discovery to understand the client's technology infrastructure, cyber resilience programmes, incident response plans, and scenario-specific playbooks
• Design exercise scenarios that are relevant to, and aligned with, the client's specific environment and context
• Engage relevant business, operational, technical, and management teams in preparing for the exercise
• Provide recommendations to the client on improvements to their existing setup and plans
• Conduct the exercise and act as both the exercise facilitator as well as the technical advisor to the exercise scenarios
• Conduct post-exercise debrief / after-action review workshops
• Develop the exercise report and provide observations and recommendations that are meaningful and relevant to the client's context
• Present the exercise report to the relevant stakeholders and tailor the messages based on the audience
• Lead and manage CII risk assessment engagements, including scoping, planning, execution, and reporting
• Identify and assess cyber risks to Critical Information Infrastructure, including threats, vulnerabilities, and potential impact to essential services
• Review and evaluate the adequacy and effectiveness of CII owners' cybersecurity policies, processes, and technical controls against regulatory requirements and established frameworks