The Governance and Risk Officer helps ensure that the organization maintains a robust security posture, complies with relevant policies and standards, and fosters a culture of security awareness among employees.
Key Responsibilities:
- Governance and Compliance:
  - Ensure compliance with relevant laws, regulations and standards when required.
  - Develop, enforce, review, monitor compliance with, and update security policies, standards and procedures.
- Risk Management:
  - Assist in identifying and assessing risks across the organization.
  - Conduct risk assessments, identify potential security risks and implement mitigation strategies.
  - Monitor and report on risk exposure and mitigation efforts.
- Awareness and Training:
  - Plan and execute security awareness campaigns and conduct phishing simulations to test employee awareness.
  - Define security awareness campaigns for specific profiles within the organisation.
  - Manage the employment lifecycle and performance of personnel in accordance with security requirements (background checks, vetting, transfers, risk designations, succession planning, disciplinary action and termination) in alignment with Human Resources.
- Information Asset Inventories and Control Management:
  - Maintain information asset inventories, including categorization, critical assets, risks and security controls in place.
  - Own the cybersecurity Control Catalog and ensure controls are applied.
- Security Auditing:
  - Perform security audits internally and respond to external audit demands.
  - Perform 3rd-party audits and maintain an inventory of vetted suppliers and tools.
Qualifications:
- 5 years of professional experience in cybersecurity with a focus on auditing, governance and risk management.
- Strong understanding of regulatory requirements and industry standards
- Knowledge of best practices in modern security architectures and incident responses
- Relevant security certifications such as CRISC, CISA.
- Familiarity with security control frameworks: CIS Controls, NIST Special Publication 800-53
- Familiarity with cybersecurity frameworks: NIST CSF, ISO27001
Additional Information:
- Highly responsive, energetic and enthusiastic
- Analytical thinking and problem-solving skills
- Ability to work independently and as part of a team
- Strong ethical standards and integrity
- Capable of prioritising tasks and meeting critical deadlines
- Excellent judgment and attention to detail
- Excellent communication and interpersonal skills
- Expect duties to extend beyond normal business hours
- User/business focus
Remote Work:
No
Employment Type:
Full-time