Cybersecurity GRC Manager
Job brief:
The Cybersecurity GRC Manager is responsible for establishing and maintaining an effective cybersecurity governance, risk management, and compliance framework within an organization. They play a critical role in ensuring that the organization's cybersecurity practices align with industry standards, regulatory requirements, and internal policies.
Functions and Responsibilities:
- Develop and implement cybersecurity governance frameworks, policies, and procedures to ensure compliance with applicable laws, regulations, and industry standards.
- Collaborate with key stakeholders, such as legal, IT, and business units, to ensure cybersecurity initiatives align with the organization's overall strategic objectives.
- Conduct cybersecurity risk assessments to identify, assess, and prioritize cybersecurity risks and vulnerabilities.
- Develop and maintain risk management frameworks and methodologies to effectively manage and mitigate identified risks.
- Collaborate with IT teams and business units to develop and implement risk mitigation strategies, controls, and action plans.
- Monitor and track risk mitigation activities to ensure timely implementation and effectiveness.
- Provide guidance and support to business units in conducting risk assessments specific to their operations, systems, and processes.
- Monitor and ensure compliance with relevant cybersecurity laws, regulations, and industry standards (e.g., GDPR, NCA, ISO 27001).
- Conduct internal compliance reviews and assessments to identify gaps and areas requiring improvement.
- Develop and deliver cybersecurity training and awareness programs to promote compliance and best practices among employees.
- Implement and manage GRC tools and technologies to streamline and automate GRC processes.
Qualifications:
- Bachelor's / master's degree in cybersecurity, risk management, information systems, or a related field.
- Minimum of 5-7 years of related experience.
- Professional certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or Certified in Risk and Information Systems Control (CRISC) are highly desirable.
- Extensive experience in cybersecurity GRC, risk management, or compliance roles.
- Strong knowledge of cybersecurity laws, regulations, and industry standards such as NCA controls.
Skills:
- Strong understanding of cybersecurity GRC.
- Proficiency in understanding and applying relevant regulatory requirements, industry standards (such as NIST, ISO 27001, and NCA controls), and frameworks is vital.
- Governance and Policy Development.
- Strong communication skills are necessary to effectively communicate complex cybersecurity and compliance concepts to both technical and non-technical stakeholders.
- Department: Risk & Compliance
- Role: Corporate Governance Manager
- Locations: Golf Saudi
About Golf Saudi
Golf Saudi facilitates uptake and participation in golf through the delivery of world-class facilities, operational excellence, and the implementation of industry best practice to position the Kingdom as an exceptional golfing nation. Combined with grassroots training and education programmes that introduce people to the game at the earliest opportunity and with the greatest ease, Golf Saudi is committed to delivering a dynamic national development programme that transforms the golfing landscape.