Our professionals balance analytical skills, deep market insight and independence to deliver solid, defensible analysis and practical advice to our clients.
As an organization, we think globally. We create transparency in an opaque world, and we encourage our people to do the same.
That means when you take your place on our team, you’ll discover a supportive and collaborative work environment that empowers you to excel.
If you’re ready to share your perspective with the world, then you can make a real impact here. This is the Duff & Phelps difference.
Kroll is the leading global provider of risk solutions. For more than 40 years, Kroll has helped clients make confident risk management decisions about people, assets, operations, and security through a wide range of investigations, cyber security, due diligence and compliance, physical and operational security, and data and information management services.
Headquartered in New York with more than 50 offices across nearly 30 countries, Kroll has a multidisciplinary team of over 2,000 employees and serves a global clientele of law firms, financial institutions, corporations, non-profit institutions, government agencies, and individuals.
At Duff & Phelps, your work will help protect, restore and maximize value for our clients. Join us and together we’ll maximize the value of your career.
Leading cyber risk assessments, data protection impact assessments, governance reviews and other security assessment and risk advisory services across the APAC region
Analysing and assessing risk to information technology systems and enterprise business environments
Taking ownership of projects and deliverables
Drafting and reviewing cyber security policies and procedures
Presenting findings and recommendations to senior leadership
Producing high quality directed reports and proposals
Defining client requirements
Staying up-to-date with relevant cyber security legislation, frameworks and industry trends
Coordinating and working closely with team members in other Kroll offices globally
Self-motivated and able to demonstrate a passion for this type of work. This will include evidence of research, knowledge of a diverse array of tool-sets, community participation and self-learning beyond commercial training
Must have demonstrable experience in creating and managing enterprise cyber security risk management programs
Be a hands-on practitioner when it comes to analysing, assessing and managing risk
Understand relevant cyber security legislation and regulatory / maturity frameworks
Understand relevant data privacy legislations and be able to assess maturity against such requirements
Have the capability to communicate risk at a leadership level in the context of one or more industry sectors
Have excellent written and spoken English (Another Asian language would also be an advantage)
Minimum of 8 years’ experience within cyber security governance, risk and compliance areas
Able to manage multiple projects on a daily basis
Willingness to travel
In order to be considered for a position at Duff & Phelps, you must formally apply via careers.duffandphelps.jobs
Duff & Phelps is committed to equal opportunity and diversity, and recruits people based on merit