Manager – Information Security (Cyber GRC)

Job Description: Manager Information Security (Cyber GRC)

• Governance, Risk, and Compliance (GRC): Frameworks: Develop and implement governance, risk, and compliance frameworks for cybersecurity. Ensure that frameworks are aligned with industry standards, regulatory requirements, and internal policies. Continuously improve the GRC process to enhance risk management and compliance across the organization. Be an owner for Trust Center and Cyber GRC controls under the overall controls framework.
• Cyber Risk Assessments and Audits: Conduct comprehensive cyber risk assessments and support internal audits to evaluate security controls, processes, and compliance. Identify gaps in cybersecurity practices and recommend remediation measures. Provide evidence and documentation to internal audit teams and clients for certifications and compliance audits.
• Vendor Risk Assessments: Perform vendor risk assessments, focusing on information security and cybersecurity practices. Provide input to clients and internal teams on vendor risk and ensure that vendors meet cybersecurity requirements.
• Regulatory Compliance Monitoring: Monitor changes in cybersecurity regulations, industry standards, and best practices. Ensure that the organization remains compliant with relevant laws and regulatory requirements. Update policies and procedures to reflect these changes and provide training to relevant stakeholders.
• Cybersecurity Policy Development and Maintenance: Develop, review, and maintain all cybersecurity-related policies and procedures. Ensure policies are communicated to all employees and are integrated into day-to-day operations. Regularly review and update policies to adapt to emerging threats and new regulations.
• Reporting and Risk Mitigation: Prepare reports on the status of cybersecurity risks, compliance levels, and vendor assessments. Work with cross-functional teams, including IT, security, legal, and compliance, to develop strategies to mitigate identified risks and improve the organizations cybersecurity posture.

Interested candidate please share your cv on renuka.bi@peoplefy.com.