information security & risk governance lead (grc).

• Develop, govern and enforce cybersecurity policies, standards, and guidelines to ensure robust security practices.
• Lead evaluations of security and privacy risks, coordinating swift responses to suspected cyber incidents/events.
• Monitor cybersecurity risks and report findings to relevant technical and business executive committees.
• Manage the Information Security GRC team, focusing on all cybersecurity aspects within the designated region, domains, and tech portfolio.
• Proactively drive risk reduction initiatives within the defined scope.
• Ensure effective security measures within the scope of assigned regions, domains, and technology areas.
• Collaborate on cyber strategy and roadmap creation for long-term security goals.
• Drive compliance with internal standards and regional cybersecurity regulations, both internally and externally.

skills and experience required
Minimum of 10 years' experience in Governance, Risk, and Compliance (GRC), with a solid understanding of cybersecurity frameworks such as ISO 27001, SOC 2, MITRE ATTACK, and NIST, as well as expertise in penetration testing and security audits.

Cloud Security and consulting background would be high preferred.

Skilled in managing incident response, evaluating cybersecurity risks, and conducting vulnerability assessments.

Proven ability to lead a team, with a track record of managing 2-3 direct reports.

Experience working in a regional setting, with the ability to navigate diverse regulatory environments and cultural considerations.

Whats on offer
The permanent opportunity for an Information Security & Risk Governance Lead (GRC), will pay a salary range of $15,000 - $ 17,000 plus benefits. This opportunity offers hybrid working arrangement.

To apply online please use the 'apply' function, alternatively you can reach me at
https://www.linkedin.com/in/Oliviatoh-032330132/. (EA: 94C3609 / R22109942)