Cyber Security Manager - Risk Assessment

Chief Manager - Cyber Security Risk

ROLE SUMMARY

• Chief Manager - Cyber Security Risk is responsible for the implementation and governance of Cyber Security Risk and Compliance frameworks.
• The role takes the lead for the implementation of information security policies, standards, procedures, and best practices to ensure the confidentiality, integrity, and availability of information assets.
• The role coordinates and conducts internal and external risk assessments to assess the effectiveness of information/cyber security controls and suggest/supervise the closure of the identified gaps.
• The role works closely with other business units, CISO, CIO, IT teams and external stakeholders to confirm alignment of information/cyber security objectives.

KEY RESPONSIBILITIES

Role and Responsibility

• Developing and Implementing Strategy:

  Implementing the cybersecurity risk management strategy that aligns with the organization's mission and objectives. This involves staying up to date with emerging threats and technologies.

• Risk Assessment and Analysis:

  Conducting regular risk assessments to identify vulnerabilities in IT systems, networks, and data. This includes evaluating the likelihood and potential impact of cyber threats.

• Mitigation and Control:

  Designing and implementing security controls and protocols to reduce identified risks to an acceptable level. This may involve using tools like firewalls, intrusion detection systems, and encryption.

• Compliance and Governance:

  Ensuring the organization complies with industry standards and government regulations.

• Incident Response:

  Leading the response to security breaches, coordinating with technical teams to contain the incident, and minimizing damage.

• Stakeholder Communication:

  Communicating complex technical risks and mitigation plans to both technical teams and non-technical stakeholders, including senior management.

• Team Leadership:

  Managing and mentoring a team of cybersecurity professionals.

KEY SKILLS & BEHAVIOURAL ATTRIBUTES

• Expertise in information/Cyber security standards, frameworks, and best practices, such as ISO 27001, NIST etc.
• Ability to assess security policies, procedures, and controls across the organization.
• Experience in conducting risk assessments and compliance reviews and preparing reports and recommendations.
• Strong leadership and communication skills, with the ability to influence and collaborate with senior management and stakeholders.
• Knowledge of emerging security threats, trends and technologies, and the ability to proactively identify and mitigate risks.
• Critical thinking and problem-solving skills, with the ability to analyze complex situations and provide effective solutions.
• High ethical standards and integrity, with the ability to handle confidential and sensitive information.

EDUCATION / EXPERIENCE

• Graduate / Postgraduate in computer science, information systems/ Technology, Cybersecurity, or a related field
• Minimum 10 years of experience in information security management, compliance, and risk assessment roles, preferably in a large and complex organization.
• Certification in relevant security domains, such as CISSP, CISM, CRISC, CEH, Red Teaming etc
• Should have strong leadership, communication, analytical and problem-solving skills.
• Display a high level of integrity, professionalism, and ethical conduct.