Risk & Compliance Manager

As a Risk Management professional, you will be responsible for developing and implementing risk assessment models and frameworks to identify potential threats and vulnerabilities that may impact business operations. You will monitor risk indicators, track risk appetite thresholds, and key risk metrics. Collaboration with cross-functional teams will be key in developing risk mitigation plans. In the realm of Compliance Management, you will ensure compliance with legal, regulatory, and internal policy requirements. This will involve conducting regular audits, compliance reviews, and reporting findings with recommended corrective actions. Keeping abreast of relevant laws, regulations, and best practices such as NIST, CSI, and others will be essential. Additionally, you will develop, implement, and maintain compliance training programs for employees. In Incident Response & Reporting, you will liaise with various teams including Security Operation, IT, IS Governance, and Information & Cybersecurity Incident Response to investigate compliance breaches and risk incidents. Root-cause analysis and corrective action implementation will be part of your responsibilities. Regular risk and compliance reports for executive leadership and the MSIL Board will also be prepared. Key Skill Requirements include proficiency in Cybersecurity Fundamentals, IT Infrastructure Knowledge, Risk Assessment frameworks & Tools (e.g., RSA Archer, ServiceNow GRC, MetricStream), Data Privacy & Protection standards (GDPR, HIPAA, ISO/IEC 27001), Regulatory Frameworks (SOX, PCI-DSS, NIST, COBIT), Audit Management, Policy Development, Problem-Solving, Decision-Making, Effective Communication, and Managing cross-functional teams while training staff on compliance best practices. Your assertiveness, negotiation skills, and ability to translate technical risks into business language will be crucial in this role. Experience in drafting, implementing, and updating IT compliance policies, along with clear reporting to stakeholders, will contribute to the overall success of risk management and compliance within the organization.,