Job brief:
The Cybersecurity GRC Manager is responsible for establishing and maintaining an effective cybersecurity governance, risk management, and compliance framework within an organization. They play a critical role in ensuring that the organization's cybersecurity practices align with industry standards, regulatory requirements, and internal policies.
Functions and Responsibilities:
- Develop and implement cybersecurity governance frameworks, policies, and procedures to ensure compliance with applicable laws, regulations, and industry standards.
- Collaborate with key stakeholders such as legal, IT, and business units to ensure cybersecurity initiatives align with the organization's overall strategic objectives.
- Conduct cybersecurity risk assessments to identify, assess, and prioritize cybersecurity risks and vulnerabilities.
- Develop and maintain risk management frameworks and methodologies to effectively manage and mitigate identified risks.
- Collaborate with IT teams and business units to develop and implement risk mitigation strategies, controls, and action plans.
- Monitor and track risk mitigation activities to ensure timely implementation and effectiveness.
- Provide guidance and support to business units in conducting risk assessments specific to their operations, systems, and processes.
- Monitor and ensure compliance with relevant cybersecurity laws, regulations, and industry standards (e.g., GDPR, NCA, ISO 27001).
- Conduct internal compliance reviews and assessments to identify gaps and areas requiring improvement.
- Develop and deliver cybersecurity training and awareness programs to promote compliance and best practices among employees.
- Implement and manage GRC tools and technologies to streamline and automate GRC processes.
Qualifications:
- Bachelor's / master's degree in cybersecurity, risk management, information systems, or a related field.
- Minimum of (57) years of related experience.
- Professional certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or Certified in Risk and Information Systems Control (CRISC) are highly desirable.
- Extensive experience in cybersecurity GRC, risk management, or compliance roles.
- Strong knowledge of cybersecurity laws, regulations, and industry standards such as NCA controls.
Skills:
- Strong understanding of cybersecurity GRC.
- Proficiency in understanding and applying relevant regulatory requirements and industry standards (such as NIST, ISO 27001, and NCA controls and frameworks) is vital.
- Governance and Policy Development.
- Strong communication skills are necessary to effectively communicate complex cybersecurity and compliance concepts to both technical and nontechnical stakeholders.
This job has been sourced from an external job board.