Main Objective of Role
To support the organization’s cybersecurity governance, risk management, and compliance activities by coordinating and executing Governance, Risk, and Compliance (GRC) processes to ensure alignment with regulatory requirements, industry standards, and internal policies, ultimately strengthening the organization’s security posture.
Key Responsibilities
- Develop, implement, and maintain information security governance frameworks, policies, and procedures.
- Conduct risk assessments and facilitate risk management activities, including identification, evaluation, and mitigation of security risks.
- Support compliance efforts with relevant regulations and standards such as DESC ISR, ISO 27001, NIST, GDPR, PCI-DSS, and others.
- Manage and coordinate internal and external audits related to information security and compliance.
- Maintain the organization’s risk register and track remediation plans to closure...