IT Security Manager

Job Role: IT Security Manager

Experience: 711 Years

Job Description

711 years of strong industry experience in Cybersecurity Strategy Risk & Regulatory Technology (RiskTech

RegTech).

Should have experience in implementation and assessments of Cybersecurity frameworks (NIST CSF COBIT) and

regulatory guidelines (e.g. OSFI Technology and Cyber Risk Management (B13) / ThirdParty Risk Management

Guideline (B10)).

Must have experience in controls and gap assessments based on industry standards such as PCI NIST 80053

CIS CSC and compliance standards/frameworks like ISO 27001/27002 NIST COBIT SOX GLBA SSAE16/SOC 2

etc.

Must have experience and proficient in cyber risk management/control design and testing/ Cybersecurity

maturity assessments/ Third Party Risk Management/Supplier or Vendor Risk assessments/ etc

Demonstrates knowledge in developing cybersecurity strategies roadmaps target operating models

cybersecurity governance models cybersecurity architecture cyber policies/standards/procedures and Board

presentations/reports/material.

Develop and tailor approaches methods and tools to support clients cyber risk programs and initiatives.

Strategically drive the development and execution of risk assessments and mitigation plans to enhance the

client's ability to identify evaluate prioritize and mitigate risks.

Qualification

Master’s degree in business Computer Science Information Systems or a related field.

Hands on experience working with industry standards and frameworks (e.g. ISO 27001 NIST HIPAA FedRAMP

PCI)

Demonstrated problemsolving capabilities and ability to manage complex security requirements.

Selfmotivated directed and wellorganized with the ability to see projects through to closure.

Excellent communication skills both verbal and written for effective interaction with clients and clear

communication of technical concepts to nontechnical stakeholders.

Collaborative team player with the ability to provide thought leadership on cybersecurity solutions.

Experience in facilitating workshops gathering requirements and presenting to clients.

Relevant certifications in cybersecurity/ IT governance/ ISO or related fields are advantageous.

Good to have knowledge and experience with GRC tools such as Archer OpenPages