Job Purpose:
To lead and coordinate the implementation of cybersecurity governance frameworks at the organization level, ensuring alignment with relevant policies and standards. The role includes providing specialized expertise in policy development, compliance management, and contributing to enhancing the effectiveness of security controls and reducing cybersecurity risks.
Key Responsibilities:
- Develop and update institutional cybersecurity governance frameworks, policies, and procedures.
- Ensure compliance with local and global regulations and standards (e.g., NCA, ISO 27001, NIST, GDPR).
- Conduct periodic reviews to ensure the effectiveness of compliance, identify gaps, and propose corrective actions.
- Support the implementation of the Minimum Baseline Security Standards (MBSS) and track performance.
- Provide periodic reports on cybersecurity compliance indicators to senior management.
- Identify and analyze cybersecurity risks and provide recommendations to mitigate their impact.
- Collaborate with various departments to integrate governance and risk management practices into operational processes.
- Oversee the development of policies and procedures in alignment with regulatory changes and emerging threats.
- Design and implement cybersecurity awareness programs for employees at all levels.
- Promote a culture of organizational security awareness and deliver internal workshops and lectures.
- Coordinate with cybersecurity teams during incident response to ensure adherence to governance frameworks.
- Review past incidents and extract lessons learned to improve policies and practices.
- Monitor global developments and emerging trends in cybersecurity governance and compliance.
Qualifications and Experience:
- Bachelor's degree in Cybersecurity, Information Security, Information Technology, or a related field at minimum.
- Minimum of 6 years of experience In cybersecurity governance, compliance, or risk management.
