Lead Cyber Risk Management Specialist

دوام كامل في a Laimoon Verified Company في Saudi Arabia
نُشرت يوم November 9, 2024

تفاصيل الوظيفة

Business Unit: President Complex Division: Not Applicable Job Purpose: The aim is to supervise and guarantee the implementation and embrace of the Cyber Risk framework throughout IsDB. This role involves wielding the authority of the second line of defense at a corporate level to handle cyber and information security risks. The key tasks include overseeing the risks associated with IsDB's IT resources and information assets by formulating a cyber risk management framework, executing annual risk assessment plans, maintaining the IsDB cyber risk register, tracking the progress of risk mitigation plans, and ensuring the governance of risk management in the first line of defense. Key Accountabilities: Cyber and information risk governance Establish, update and maintain cyber risk management framework and associated artifacts. Ensure that risk management practices are executed as per the framework in the1st and 2nd lines of defenses. Oversee the risks identified by 1st line of defense and consolidate or update in IsDB cyber risk register. Identify and manage information security risks to achieve business objectives, through developing systematic, analytical, and continuous risk management processes to ensure that risk identification, analysis, and mitigation activities are integrated into projects and process life cycles. Monitor the progress of risk mitigation plans listed in IsDB cybersecurity risk register, and verify the effectiveness of controls implemented as per risk mitigation plans. 2nd Line of Defense Governance Provide advisory inputs to 1st line of defense and IMDT about cyber security projects. Participate in reviewing cyber security artefacts. Academic and professional qualifications: Bachelor's degree in Cybersecurity, Information Security, Computer Science, Information Technology, or related discipline. 10 years of relevant post-qualification experience, with at least three (3) years of cyber risk management experience. 3 years of managerial / relevant supervisory experience is mandatory. Possession of security and risk certifications, such as CISSP, CISM, CISA, CRISC, etc., would be an advantage. Skills & Necessary Knowledge: Mixed managerial, analytical, and technical skills and knowledge in all aspects of computer security in multi-IT areas: database, development, network, operating systems, IT security, applications security, etc. Good understanding and writing skills of computer systems security strategies, policies, principles, procedures, and standards. Good technical knowledge and experience in Business Continuity Planning areas. Good understanding of Incident management and security related events and response processes. Good Knowledge of risk assessment processes Good understanding of 1SO27001-2, and current legal and regulatory requirements relating to information security and privacy

#J-18808-Ljbffr Risk Management & Quantitative Analysis

Apply safely

To stay safe in your job search, information on common scams and to get free expert advice, we recommend that you visit SAFERjobs, a non-profit, joint industry and law enforcement organization working to combat job scams.

Share this job
See All Lead Jobs
تعليقات وملاحظات تعليقات وملاحظات