IT Risk Manager - Cyber Security (10-16 yrs)

Job Description :

Role and Responsibilities :

- Conduct security risk assessments, monitor organizational compliance, and ensure effective prioritization and remediation of cyber risks within agreed SLAs.

- Identify cloud-related risks, assess business impacts, and develop actionable mitigation strategies aligned with governance and control measures.

- Perform audits, manage gap analyses, and ensure compliance with standards like ISO/IEC 27001, PCI DSS, and NIS 2, including readiness and monitoring activities.

- Develop and maintain a corporate-wide Business Continuity Plan addressing recovery and emergency response, ensuring alignment with business and regulatory requirements.

- Create, implement, and maintain security policies, procedures, and awareness training programs to enhance organizational security posture.

- Collaborate with stakeholders, including Legal and third-party vendors, to manage security requirements, regulatory compliance, and operational decision alignment with policies.

- Facilitate ongoing improvement by analyzing risks, regulatory updates, and stakeholder feedback, ensuring effective communication and presentation of security findings.

Skills & Experience :

- Extensive experience in security governance, risk, and compliance, including auditing IT systems, leading ISO 27001 certification processes, and conducting security risk assessments.

- Proven expertise in business continuity, cloud security, GRC tools, and virtualization technologies, with the ability to share technical knowledge across teams.

- Strong management and leadership skills, adept at setting goals, delegating tasks, and ensuring objectives are met in dynamic, deadline-oriented environments.

- Exceptional communication and interpersonal skills, capable of interacting with diverse groups, including executives and technical teams, and delivering effective presentations and training.

- Professional certifications such as CISSP, CISM, CRISC, or ISO 27001 Lead Implementer, combined with a relevant degree or equivalent experience in information security fields.

- Demonstrated ability to work independently with a proactive, results-driven mindset, while fostering team collaboration and maintaining focus on service delivery.

- Strategic thinker with a global perspective, innovative approach, and technical depth to lead discussions on cloud application security technologies and enterprise solutions.