Cyber Security Manager

Chief Manager - Cyber Security Risk

ROLE SUMMARY

• Chief Manager - Cyber Security Risk is responsible for implementation and governance of Cyber Security, Risk and Compliance frameworks.
• The role takes the lead for the implementation of information security policies, standards, procedures, and best practices to ensure the confidentiality, integrity, and availability of information assets.
• The role coordinates and conducts internal and external risk assessments to assess the effectiveness of information/cyber security controls and suggest/supervise the closure of the identified gaps.
• The role works closely with other business units, CISO, CIO, IT teams and external stakeholders to confirm alignment of information/cyber security objectives.

KEY RESPONSIBILITIES

Role and Responsibility

• Leading the establishment, implementation and maintenance of IT/Cyber Security, Risk and Compliance framework that meets regulatory requirements and protects the information and technology assets of MFL.
• Managing the development and promotion of Cyber Security, Risk and Compliance policies, procedures, standards, guidelines and reporting requirements to protect information and technology assets.
• Leading the Cyber Security Risk function to ensure that resources (people, technology, and processes) are appropriate to the required standards of operation, cost-efficiency, best practice, and performance.
• Manage Red teaming, VA-PT and the other Risk assessment as per the business needs

KEY SKILLS & BEHAVIOURAL ATTRIBUTES

• Expertise in information/Cyber security standards, frameworks, and best practices, such as ISO 27001, NIST etc.
• Ability to assess security policies, procedures, and controls across the organization.
• Experience in conducting risk assessments and compliance reviews and preparing reports and recommendations.
• Strong leadership and communication skills, with the ability to influence and collaborate with senior management and stakeholders.
• Knowledge of emerging security threats, trends and technologies, and the ability to proactively identify and mitigate risks.
• Critical thinking and problem-solving skills, with the ability to analyze complex situations and provide effective solutions.
• High ethical standards and integrity, with the ability to handle confidential and sensitive information.

EDUCATION / EXPERIENCE

• Graduate / Postgraduate in computer science, information systems/ Technology, Cybersecurity, or a related field

• Minimum 10 years of experience

  in information security management, compliance, and risk assessment roles, preferably in a large and complex organization.

• Certification in relevant security domains, such as CISSP, CISM, CRISC, CEH, Red Teaming etc

• Should have strong leadership, communication, analytical and problem-solving skills.
• Display a high level of integrity, professionalism, and ethical conduct.