Job Description
Key Responsibilities
1. Risk Management
- Identify, assess, and prioritize enterprise risks
- Drive periodic risk assessments and reporting to leadership
- Integrate risk management into project delivery and business processes
2. Compliance & Governance
- Ensure compliance with frameworks such as ISO 27001, SOC 2, GDPR, and relevant local regulations
- Develop and enforce policies (InfoSec, data protection, access control, vendor risk)
- Lead internal and external audits, including evidence collection and remediation tracking
- Monitor regulatory changes and assess business impact
3. Information Security Collaboration
- Work closely with IT and Security teams to ensure controls are implemented effectively
- Track vulnerabilities, incidents, and control gaps, ensuring timely closure
- Support incident response and root cause analysis ...