Job Summary
As a senior cyber risk manager, you will be responsible for leading the design and implementation of a risk-based approach framework and control library for cyber security. This activity will enable the organisation to define and prioritise cyber security capability uplift based on risk mitigation and to continuously assess and monitor the risk posture. You will also provide guidance and oversight to the cyber risk management team and collaborate with other stakeholders across the organisation to ensure alignment and integration of cyber risk management processes and practices.
Key Responsibilities
Lead the development and execution of the risk-based approach framework for cyber security, including risk identification, assessment, treatment, reporting and monitoring.
Ensure that the framework is aligned with the organisation's cyber security strategy, objectives, policies and standards, as well as industry best practices and regulatory requirements.
Develop and maintain a cyber security risk control library which describes our controls, identifies owners and defines the control maturity level. Monitor control maturity levels across the organisation and their impact on the identified risks.
Provide direction and support to the cyber risk management team in conducting cyber risk assessments, developing risk treatment plans, implementing risk mitigation actions and reporting on risk status and performance.
Facilitate the communication and escalation of cyber risk issues and incidents to senior management and relevant stakeholders, and provide recommendations for improvement and remediation.
Establish and maintain effective relationships with internal and external stakeholders, including business units, IT functions, audit, compliance, legal, vendors and regulators, to ensure alignment and integration of cyber risk management activities and deliverables.
Develop and maintain cyber risk management policies, procedures, guidelines and tools, and provide training and awareness to the organisation on cyber risk management principles and practices.
Conduct research and analysis on emerging cyber threats, trends and best practices, and provide insights and recommendations to enhance the organisation's cyber security posture and resilience.
Qualifications and Skills
Bachelor's degree or higher in computer science, information systems, cyber security, risk management or related field.
At least 6 years of relevant experience in cyber security, risk management or related field, with at least 5 years in a senior or leadership role.
Professional certifications in cyber security, risk management or related field, such as CISSP, CISM, CRISC, CISA or ISO 27001.
Strong knowledge and understanding of cyber security concepts, frameworks, standards and best practices, such as NIST, ISO and COBIT.