Accountabilities
1. Cybersecurity Risk Management Strategy:
- Develop and implement cybersecurity risk management strategies and frameworks that align with the organization's goals and objectives.
- Identify potential cybersecurity risks, assess their potential impact, and develop mitigation plans.
2. Cybersecurity Risk Assessment and Analysis:
- Conduct comprehensive cybersecurity risk assessments and analyses to identify potential cybersecurity risks and vulnerabilities across different business areas.
- Evaluate the effectiveness of existing cybersecurity controls and recommend improvements.
3. Operational Cybersecurity Risk Mitigation:
- Develop and implement operational cybersecurity risk mitigation strategies, policies, and procedures.
- Ensure that appropriate controls are in place to minimize cybersecurity risks and comply with regulatory requirements.
4. Cross-functional Collaboration:
- Work closely with cross-functional teams, including IT, information security, compliance, legal, and operations, to ensure a coordinated approach to cybersecurity risk management.
- Provide guidance and support to business units in implementing cybersecurity risk management practices.
5. Performance Monitoring:
- Establish key cybersecurity risk indicators (KRIs) and performance metrics to monitor the effectiveness of cybersecurity risk management activities.
- Regularly review and analyze cybersecurity risk-related data to identify trends, patterns, and emerging risks.
6. Incident Response and Crisis Management:
- Develop and implement incident response and crisis management plans to effectively respond to and recover from cybersecurity incidents or breaches.
- Coordinate and lead incident response activities as necessary.
7. Regulatory Compliance:
- Stay updated on relevant cybersecurity laws, regulations, and industry best practices.
- Ensure compliance with applicable cybersecurity regulations and standards and support internal and external audits.
8. Training and Education:
- Develop and deliver training programs to increase cybersecurity risk awareness and promote a strong cybersecurity risk culture within the organization.
- Provide guidance and support to employees on cybersecurity risk-related matters.
9. Reporting and Communication:
- Prepare and present comprehensive cybersecurity risk management reports to the CISO, CIO, senior leadership, and relevant stakeholders.
- Communicate cybersecurity risk-related issues, findings, and recommendations effectively to drive informed decision-making.
• Other duties as assigned.
Work Environment
• Indoors: 100%
• Outdoors: 0%
• Working Days: 5 Working Days
• Days off: 2 Days Off
• Working Hours: 8:00 AM – 6:00 PM (1 hour break)
Job Requirements
• BSc in IT (or related)
• 5 Years of Experience
- Bachelor's degree in computer science, information security, risk management, or a related field.
- Proven experience in cybersecurity risk management, preferably in a senior or managerial role.
- Strong knowledge of cybersecurity risk management principles, practices, and frameworks.
- Familiarity with cybersecurity regulations, standards, and industry best practices.
- Excellent analytical and problem-solving skills with the ability to think strategically.
- Strong leadership and management abilities with the capacity to influence and drive change.
- Exceptional communication and interpersonal skills to collaborate and engage with stakeholders at all levels.
- Ability to work effectively in a fast-paced, dynamic environment and manage multiple priorities.
- Professional certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or Certified in Risk and Information Systems Control (CRISC) are a plus.
• English
• Arabic