Cybersecurity Governance & Risk Manager

Responsibilities:

• Implement IT risk management frameworks, policies, and compliance checks
• Maintain cybersecurity policies, vendor governance, and system criticality frameworks
• Modernize oversight via emerging tech and real-time risk tracking tools
• Ensure secure SDLC and risk assessments during IT development lifecycle
• Conduct regular audits to ensure security controls are effective and policies followed
• Advise business and tech units on IT/cyber risks and secure implementations
• Strengthen third-party/vendor risk management through due diligence and ongoing assessment
• Monitor risk exposure from projects, changes, and new tech initiatives
• Partner with stakeholders to reduce risks from incidents, breaches, or compliance issues
• Support cybersecurity awareness and incident response activities

Requirements:

• 7+ years experience in cybersecurity, IT risk, policy, and audit
• Bachelors or higher in cybersecurity, engineering, or related fields
• Relevant certifications (e.g., CISA, CRISC, CISSP, CCSK, CCSP, CGEIT, CDPSE)
• Strong knowledge of IT standards, cyber strategy, governance, and risk programs
• Technical expertise in security design and implementation
• Understanding across domains like AI, cloud, data protection, SOC/MSS, and cyber architecture
• Familiarity with standards: MAS TRM, ISO27001, NIST, Cybersecurity Code of Practice.
• Excellent communication, leadership, and cross-functional collaboration skills