Role Description

This is a full-time on-site role for a Senior Cybersecurity Consultant located in the Casablanca Metropolitan Area. The Consultant will play a central role in supporting our clients — often critical or regulated organizations — in structuring, optimizing, and steering their cybersecurity strategy, with a strong focus on Governance, Risk, and Compliance (GRC). Daily tasks include conducting cybersecurity maturity assessments, performing risk analyses, defining and steering multi-year roadmaps, leading organizational audits, driving regulatory compliance initiatives, and working closely with clients’ CISOs, IT Directors, and executive committees to strengthen their overall security posture. The role also involves contributing to CybrForge’s methodological development and mentoring junior consultants.

⚠️ A minimum of 6 years of experience in cybersecurity is mandatory. Applications below this threshold will not be considered.
Qualifi

c

ations
• Manda

t

ory: at least 6 years of experience in cybersecurity (8 to 10 years preferred), with a specialization in GRC; consulting background strongly preferre

d• Proven expertise in Cybersecurity Governance, Risk Management, and Compliance (GRC), with the ability to assess and mitigate organizational risks effectivel

y• Strong command of leading frameworks and regulations: ISO 27001, ISO 27005, ISO 22301, NIST CSF, COBIT, GDPR, DORA, LPM/DNSSI, and Loi 05-2

0• Solid experience in risk analysis methodologies (ISO 27005, EBIOS RM, NIST RMF) across complex and sensitive perimeter

s• Experience leading security audits and compliance engagements as a lead audito

r• Ability to produce high-value strategic deliverables (ISSP, security policies, roadmaps, GRC dashboards, executive indicators

)• Experience in regulated or sensitive environments (finance, public sector, industry, telecom

)• Bachelor’s or Master’s degree in Cybersecurity, Computer Science, Risk Management, or a related field (Bac +5

)• Professional certifications such as ISO 27001 Lead Implementer/Lead Auditor, ISO 27005 Risk Manager, CISSP, CISM, CISA, or EBIOS RM are strongly value

d• Excellent analytical, problem-solving, and written communication skill

s• Ability to engage senior stakeholders (CISO, CIO, executive management) and to lead workshops with diverse audience

s• Leadership, autonomy, methodological rigor, and the ability to mentor junior profile

s• Strong team spirit and the ability to translate complex concepts for varied stakeholder

s