Job Description & How to Apply Below
Job Description For Cyber Risk & Data Privacy
I) Cyber / IT / Technology / Application / Information Security Risk
• Strategy:
Define and implement cybersecurity and information security strategies
aligned with business objectives. Establish frameworks, KRIs, KPIs, and dashboards
for Lines of defence.
•
Risk Management:
Conduct assessments, identify gaps, score risks, and recommend
mitigations and improvements using industry standards and controls. Evaluation of
information security threats and their impact to clients IT environment.
• Testing & Maturity:
Evaluate ISMS controls, test operating effectiveness, and provide
maturity analysis.
• Stakeholder Engagement:
Collaborate with executives and IT teams; communicate
complex concepts clearly to non-technical audiences.
• Governance & Compliance:
Implement robust GRC structures ensuring adherence to
regulations (GDPR, NIST-CSF, NIST-800 53, ISO 27001, DORA, ISO 42001,
SOX/SOC 2, PCI-DSS)
• Cyber Resilience:
Enhance organizational cyber resilience and risk posture
• Risk Quantification:
Proficiency in quantitative risk analysis methods (e.g., FAIR)
and CRQ tools.
• Reporting & Metrics:
Design reports, dashboards, and risk metrics for management,
LODs
• Innovation:
Drive automation and AI adoption in risk management, including GenAI
and agentic AI.
• Tools: Proficiency in cybersecurity and GRC platforms
II) Data Privacy Risk
• Strategy & Compliance:
Develop privacy programs, policies, strategies aligned with
regulations (GDPR, CCPA, PDPA, ISO 27701, PIPEDA, Australian Privacy Act)
•
Risk Management:
Perform audits, DPIAs, and risk assessments; report gaps and
recommend mitigation; evaluation of data privacy threats and their impact on clients IT
environment
• Communication:
Effectively engage technical and non-technical stakeholders.
• Tools: Familiarity with data privacy GRC tools
III) Cloud Risk
• Assessment:
Identify and mitigate risks in cloud adoption and operations; assess cloud
security posture and provide solutions for improvement
• Compliance:
Ensure adherence to ISO 27017, ISO 27018, CSA CCM.
• Technical Expertise:
Strong knowledge of AWS, Azure, GCP, and cloud risk tools
(Service Now, One Trust, BigID, Archer), CSPM tools
• Communication: Deliver clear, actionable insights.
IV) AI Risk
• Compliance &
Risk Management:
Conduct AI compliance and security audits, pre implementation reviews, and privacy assessments (ISO/IEC 42001, NIST AI RMF, EU
AI Act)
• Governance:
Develop frameworks, strategy, and governance model for responsible AI
systems.
• Tools:
Experience with AI risk management platforms (e.g., Service Now,
Metric Stream)
Note that applications are not being accepted from your jurisdiction for this job currently via this jobsite. Candidate preferences are the decision of the Employer or Recruiting Agent, and are controlled by them alone.
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
To Search, View & Apply for jobs on this site that accept applications from your location or country, tap here to make a Search:
Search for further Jobs Here:
×