Cybersecurity Governance and Risk Management Specialist
We are seeking a skilled professional to develop and implement cybersecurity governance and risk management strategies, policies, processes, and procedures. The ideal candidate will have expertise in information security frameworks, crisis management, business continuity planning, and third-party risk management.
Key Responsibilities:
* Develop and update information security policies aligned with NIST and ISO 27001 frameworks, ensuring compliance and adherence to best practices.
* Manage the Third-Party Risk Management Program, assessing and mitigating cybersecurity risks associated with vendors and suppliers.
* Implement and monitor the Information Security Risk Management Program, tracking risks and performance indicators.
* Analyze, validate, and report on security risks, including identification, prioritization, and monitoring.
Requirements:
* 7+ years of experience in cybersecurity risk management, compliance, governance, and third-party risk management.
* Familiarity with GRC tools and security technologies.
* Strong understanding of information security concepts, threats, and trends.
* Expertise in risk analysis techniques, including qualitative and quantitative assessments.
* Knowledge of crisis management and business continuity planning (BCP/DRP).