Duties & Responsibilities (shall include but not be limited to):
- Develop and implement a robust GRC framework.
- Conduct regular risk assessments and vulnerability scans.
- Maintain security policies, procedures, and standards.
- Ensure compliance with regulations and industry best practices.
- Support incident response activities.
- Manage cybersecurity programs and initiatives.
- Collaborate with IT and operational teams.
- Conduct security awareness training.
- Manage cybersecurity service providers.
- Perform audits and assessments.
- Prepare detailed reports on security posture.
- Provide regular updates to management.
- Mentor and guide team members.
- Foster a culture of security awareness.
- Collaborate with other departments.
- Lead and participate in incident response.
- Manage cybersecurity projects, including planning, execution, and monitoring.
Qualifications & Skills:
- Bachelor's degree in Computer Science, Cybersecurity or Information Security.
- Master's degree in Cybersecurity or Information Security is preferred.
- CISSP and CISM certifications.
- Strong understanding of cybersecurity frameworks and regulations.
- Analytical, problem-solving, and decision-making skills.
- Effective communication and interpersonal skills.
- Risk assessment and management.
- Incident response.
- Policy and procedure development.
- Auditing and compliance.
- Vulnerability management.
- Security awareness and training.
- Technical writing and reporting.
- Contract negotiation and management.
- Service level agreement (SLA) development and monitoring.
- Supply chain security.
- Operational Technology (OT) security.