Responsibilities:
1. Lead and execute ISO 27000 audits, assess compliance with established standards, and identify areas for improvement.
2. Develop and implement comprehensive GRC frameworks to mitigate risks and enhance organisational resilience.
3. Collaborate with cross-functional teams to ensure alignment with regulatory requirements and industry best practices.
4. Conduct risk assessments and contribute to the development of risk mitigation strategies.
5. Stay abreast of emerging regulatory trends, ensuring proactive adjustments to compliance programs.
6. Advise and guide teams on compliance-related matters, fostering a culture of awareness and accountability.
7. Establish and maintain effective relationships with regulatory bodies, auditors, and stakeholders.
8. Create and deliver training programs to enhance the organization's understanding of compliance obligations.
9. Drive continuous improvement initiatives for GRC processes, policies, and procedures.
10. Provide leadership in incident response and contribute to the development of crisis management plans.
Requirements:
- Significant experience leading information security audits, preferably ISO 27001/2 and SOC 2 audits or assessments
- Experience on GRC projects from inspection through to implementation
- Good experience in cyber security covering all aspects of the CIA triad
- Sufficient Information Technology and Information Security experience to contextualize recommendations and make them relevant and valuable
- Knowledge of the DPDPB Act
- Hands-on experience with any GRC tool