Job Description
Note:
The job is a remote job and is open to candidates in USA. UST is a mission-driven technology company that transforms lives through innovation. They are seeking a Cybersecurity & Compliance Consultant to guide clients in enhancing security measures, ensuring compliance, and implementing frameworks through consulting, audits, and risk management activities.

Responsibilities
• Lead consulting engagements across cybersecurity, risk management, and compliance domains
• Advise clients on best practices, improvement strategies, and implementation approaches aligned with recognized standards
• Translate regulatory and technical requirements into clear, actionable recommendations
• Independently conduct internal audits and GAP analyses aligned with: ISO 27001, ISO 22301, ISO 27701, NIST CSF 2.0, DORA, NIS2, ENS, and other frameworks
• Identify non-conformities and provide structured remediation plans
• Prepare client-ready audit reports, risk registers, and compliance roadmaps
• Facilitate and execute risk assessments (AARR, BIAs) across business processes and information systems
• Apply methodologies such as ISO 31000, Magerit v3, and COSO to evaluate and treat risks
• Support clients in adopting formal risk management practices
• Review technical assessments to identify vulnerabilities and recommend mitigation strategies
• Support cybersecurity initiatives including control implementation, incident response planning, and awareness programs
• Validate security controls and document evidence of compliance
• Serve as a primary point of contact for clients throughout engagements
• Communicate technical requirements, project progress, findings, and recommendations clearly and effectively
• Deliver presentations, training sessions, and executive briefings tailored to diverse audiences
• Develop and maintain client documentation including policies, procedures, standards, and process guides
• Ensure high-quality, audit-ready documentation for all consulting deliverables
• Coordinate evidence collection efforts across client teams during audit and compliance activities

Skills
• 4+ years of experience in cybersecurity consulting, audits, compliance, or risk management
• Expertise and/or certification in ISO 27001 (mandatory)
• Working knowledge of international standards such as: ISO 22301, ISO 27701, ISO 27005, ENS, ISO 42001, NIST CSF 2.0, SOC 2, GDPR, DORA, NIS2, CMMC 2.0
• Strong proficiency in risk assessment methodologies (ISO 31000, Magerit v3, COSO)
• Experience with cybersecurity technologies such as firewalls, DLP, IDS/IPS, EDR, and other protection solutions
• Experience supporting or participating in incident response activities
• Excellent verbal and written communication skills in English
• Bachelor's degree in Computer Engineering, Telecommunications, or a related field; Master's in Cybersecurity preferred
• CISM
• CISSP
• CISA
• ISO/IEC 27001 Lead Auditor or Lead Implementer

Benefits
• Fourteen (14) days of vacation beginning on the date of hire
• Vacation premium
• Ten (10) paid holidays
• A Christmas Bonus of thirty (30) days’ pay
• Monthly Food Vouchers
• Saving Fund
• Health insurance
• Dental, disability and life insurance plans
• Four (4) days of personal time off per year
• Up to three (3) days of paid medical leave per year
• Up to three (3) days of paid bereavement leave per year

Company Overview
• UST is a Digital Transformations Solutions Provider.
It was founded in 1999, and is headquartered in Aliso Viejo, California, USA, with a workforce of 10001+ employees. Its website is