Develop and implement cybersecurity policies, standards, and procedures in alignment with industry best practices and regulatory requirements

Establish and maintain a cybersecurity governance framework to ensure effective oversight and decision-making

​Conduct assessments of third-party vendors and service providers to evaluate their cybersecurity posture and ensure they meet the organization's security requirements

Collaborate with stakeholders to prioritize and implement risk mitigation strategies

Stay abreast of relevant laws, regulations, and industry standards pertaining to cybersecurity

Continuously evaluate and enhance cybersecurity GRC processes to adapt to changing threats, technologies, and business needs

Conduct benchmarking activities to compare the organization's cybersecurity GRC practices against industry standards and best practices

Review and assess the security architecture of clients' systems and networks

Recommend improvements to enhance the overall security posture

Must Possess a Bachelor's degree in Information Security, Cybersecurity, Risk Management, IT Management, or a related field

Minimum 6–9 years of working experience in the related field

Proven experience in cybersecurity GRC roles, preferably in a consulting environment

Relevant certifications such as CISSP, CISM, CRISC, or similar will be a plus

In-depth knowledge of cybersecurity frameworks, regulations, and standards

Strong analytical and problem-solving skills

Excellent communication and interpersonal skills

Be able to balance technical expertise with effective communication and collaboration skills to drive a comprehensive cybersecurity strategy