Requirements Must have
We need at least 10 years of experience in security risk management and threat assessments.
We need strong working knowledge of risk management frameworks such as ISO 31000 and NIST RMF.
We need hands‑on experience with threat modelling approaches including STRIDE and DREAD.
We need proven ability to identify and rank vulnerabilities across cyber, physical, and operational areas.
We need experience using risk assessment matrices and risk evaluation methods.
We need strong reporting skills and the ability to communicate effectively with both technical and executive stakeholders.
We need familiarity with regulatory and compliance frameworks, including PHIPA.
We need strong analytical and critical thinking skills.
We need excellent written and verbal communication skills.
We need the ability to work in complex, high‑risk environments.
We need strong documentation and r...