Job brief: The Cybersecurity GRC Manager is responsible for establishing and maintaining an effective cybersecurity governance, risk management, and compliance framework within an organization. They play a critical role in ensuring that the organization's cybersecurity practices align with industry standards, regulatory requirements, and internal policies.
Functions and Responsibilities:
Develop and implement cybersecurity governance frameworks, policies, and procedures to ensure compliance with applicable laws, regulations, and industry standards.
Collaborate with key stakeholders, such as legal, IT, and business units, to ensure cybersecurity initiatives align with the organization's overall strategic objectives.
Conduct cybersecurity risk assessments to identify, assess, and prioritize cybersecurity risks and vulnerabilities.
Develop and maintain risk management frameworks and methodologies to effectively manage and mitigate identified risks.
Collaborate with IT teams and business units to develop and implement risk mitigation strategies, controls, and action plans.
Monitor and track risk mitigation activities to ensure timely implementation and effectiveness.
Provide guidance and support to business units in conducting risk assessments specific to their operations, systems, and processes.
Monitor and ensure compliance with relevant cybersecurity laws, regulations, and industry standards (e.g., GDPR, NCA, ISO 27001).
Conduct internal compliance reviews and assessments to identify gaps and areas requiring improvement.
Develop and deliver cybersecurity training and awareness programs to promote compliance and best practices among employees.
Implement and manage GRC tools and technologies to streamline and automate GRC processes.
Qualifications:
Bachelor's / master's degree in cybersecurity, risk management, information systems, or a related field.
Minimum of (5-7) years of related experience.
Professional certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or Certified in Risk and Information Systems Control (CRISC) are highly desirable.
Extensive experience in cybersecurity GRC, risk management, or compliance roles.
Strong knowledge of cybersecurity laws, regulations, and industry standards such as NCA controls.
Skills:
Strong understanding of cybersecurity GRC.
Proficiency in understanding and applying relevant regulatory requirements, industry standards (such as NIST, ISO 27001, and NCA controls), and frameworks is vital.
Governance and Policy Development.
Strong communication skills are necessary to effectively communicate complex cybersecurity and compliance concepts to both technical and non-technical stakeholders.