About the Role
The role will play an integral part in managing the security program as a whole, and provide oversight and validation of control effectiveness within Security. Manage and mature the second line of defense risk and internal controls program. Support and align with CISO for all management reporting.
About the Task
Work cross-functionally and throughout all levels within the organization. Represent Risk and Security Governance to all levels of the organization, including Executive Management.
Identify and report internal control deficiencies and gaps. Validate remediation plans with the risk owner.
Conduct regular reviews to identify adherence or gap in information security implementation
Create, maintain and regularly communicate Information Security Policies, Standards and Process
Manage the organisation wide Information Security Awareness training
Implement and manage the information security GRC tool
Manage all security related audits (internal, external, regulatory, etc.)
Communicate regular status updates and results to management.
Enhance and develop new methods of governance and assurance.
Track the Risk Acceptance Form (RAF) process for Security-related exceptions to policies
Develop, monitor, and report on key metrics (KPIs and KRIs) for risk, compliance and operating effectiveness of internal controls
DISCLAIMER: Dear Candidate! You are fully responsible to deal with the employer on the hiring process. GulfJobs.com will not take any responsibility on your hiring process. Genuine employer does not ask money for hiring!