Cyber Defense Governance & Reporting Lead

Cyber Defense Governance & Compliance Develop and maintain cyber defense governance frameworks, ensuring alignment with industry standards like NIST, ISO 27001, and regulatory mandates. Establish and enforce policies, procedures, and risk management guidelines for security operations. Conduct regular governance audits to assess cybersecurity effectiveness and compliance adherence. Security Metrics & Executive Reporting Design and manage cybersecurity Key Performance Indicators (KPIs) and Key Risk Indicators (KRIs) to measure operational effectiveness. Generate Cyber Defense MIS reports, dashboards, and executive summaries for leadership and regulatory bodies. Provide actionable insights from security metrics, ensuring data-driven decision-making in cyber defense operations. Threat Intelligence & Risk Management Oversee integration of threat intelligence insights into governance frameworks to enhance risk mitigation strategies. Conduct risk assessments based on emerging threats, attack trends, and compliance gaps. Collaborate with security teams to refine incident classification models, response SLAs, and governance workflows. Cyber Incident & Crisis Reporting Establish standardized incident reporting protocols, ensuring compliance with regulatory requirements. Lead post-incident root cause analysis (RCA) and governance-driven improvement initiatives. Develop structured processes for incident escalation tracking, remediation follow-ups, and reporting accuracy. Process Governance & Operational Excellence Define and optimize cyber defense operational workflows, ensuring consistency in threat monitoring and response. Conduct SOC maturity assessments and provide governance recommendations to improve security posture. Enhance alignment between cyber defense strategies and business risk management goals. Cyber Awareness & Compliance Training Develop and execute cybersecurity training programs for risk, compliance, and executive teams. Conduct tabletop exercises and simulated security drills to improve organizational response readiness. Ensure continuous improvement in security awareness initiatives across stakeholders. Stakeholder & Regulatory Engagement Act as the primary liaison between cybersecurity teams, risk management, compliance, and executive leadership. Represent cyber defense operations in audit meetings, regulatory discussions, and board-level reporting sessions. Stay updated with evolving cybersecurity laws, frameworks, and global compliance requirements.