Governance & Risk Manager Technology

Telangana (Sandoz), India

Novartis

Working together, we can reimagine medicine to improve and extend people’s lives.


Job Description Summary

As part of the Governance, Risk & Compliance (GRC) team, the Governance and Risk Manager will support the creation and standardization of security policies and standards, information security risk management operations, and the integration of cybersecurity into greater programs and projects. The manager will also be responsible for effective reporting and monitoring of cybersecurity metrics to the Leadership.


 

Job Description

Information Security Policy Governance

  • Develop key policies, procedures and standards across multiple cyber domains that the rest of the organization will adhere to.
  • Develop the Information Security Management framework and control matrix across multiple cyber domains that the rest of the organization will adhere to.
  • Ensure security policies, standards, and procedures are aligned with the organization's objectives, risk environment, and legal/regulatory requirements.
  • Provide guidance and enforce adherence to cybersecurity laws, regulations, guidelines, and specifications through effective designs of the cybersecurity policies & processes.
  • Manage and deploy Governance, Risk and Compliance tools to automate processes and provide seamless access to the cybersecurity control matrix, risk data and insights.
  • Enhance overall security governance in projects and programs
  • Deliver high quality work outcomes in a high-pressure, fast paced setting to meet company needs.
  • Be accountable for developing, delivering and continuously improving the Information Security & Risk Management framework.
  • Establish an effective interface between the Enterprise Risk Management team and the Information Security & Risk Management team.

IT Risk Management

  • Develop, deliver and continuously monitor the effectiveness of the IT Risk Management framework, policy and procedures.
  • Perform technology risk assessments, and review, document and evaluate control design effectiveness.
  • Perform risk analysis by reviewing the information security policies against industry standards and regulatory requirements, and draft risk reports.
  • Support activities for cyber risk assessments and other regular information security risk assessments.
  • Enable transparency and accountability in managing security risk.

IT GRC Metrics Monitoring

  • Establish risk-focused monitoring metrics to ensure effective delivery of security services.
  • Continuously monitor and report comprehensive risk-focused monitoring metrics to ensure effective delivery of security services.
  • Provide timely and accurate reporting for all security and risk management services/metrics to the various ISRM, IT and Business Leadership teams.


 

Skills Desired

Communication Skills, Compliance Audits, Compliance Management, Compliance Risk Assessment, Compliance Training, Influencing Skills, Quality Assurance

Tags: Audits Compliance Governance Monitoring Risk analysis Risk assessment Risk management RMF

Region: Asia/Pacific
Country: India
