- Accountable for Organization Cybersecurity Governance, Risk and Compliance (GRC) systems and activities.
- Responsible for overseeing the work assigned to GRC section staff
- Ensuring JIGPC's data, information systems and networks are protected by appropriate Cybersecurity controls and providing GRC related support to users as and when required.
- Conducting Cybersecurity Risk Management of JIGPC's Information assets and services, and working with risk owners to mitigate their risks through appropriate Cybersecurity controls.
- Responsible for managing the third-party cybersecurity risk management program
- Developing, maintaining, and regularly updating a Cybersecurity Risk Register and contributing toward enterprise-related risk requirements.
- Developing, maintaining, and regularly updating Cybersecurity policies, processes, procedures, and other related documentation and contributing towards their improvements.
- Performing Compliance Management for JIGPC Cybersecurity Policies, Procedures, applicable Regulations (MoE, NCA and HCIS) as well as Standards and Audit Recommendations.
- Preparing and providing regular Cybersecurity Reports (Weekly, Monthly, Quarterly, Yearly, Ad Hoc, etc.) for the Cybersecurity Director and Top Management.
- Developing and Operating a Cybersecurity Awareness Program consisting of Cybersecurity related training and awareness sessions, Phishing awareness and Tests and Cybersecurity Announcements, etc.
- Interacting with Consultants for GRC projects and ensuring the projects are completed on time and within budget.
- Ensuring distribution of knowledge within the Cybersecurity team through coaching and training of junior staff, contributing to the technical robustness of the team.
- Identifying and managing data privacy risks and compliance requirements
- Contributing to strengthening the organization's Cybersecurity posture.
- Minimum Qualifications (degree, training, or certification required)
- Degree: Bachelor's Degree in Cybersecurity, Information Security, Computer Science or equivalent.
- Certifications: GRC and Cybersecurity related certifications (e.g. CISSP, CISA, CRISC, CISM, CEH, GIAC, SSCP, etc.) preferred.
- Training and other requirements:
- Robust knowledge of Cybersecurity regulations, standards, and controls.
- Strong understanding of IT/OT/Cybersecurity Governance, IT/OT technologies, and services.
- Expertise in preparing and analysing GRC and Cybersecurity reports.
- Experience in IT/OT Cybersecurity related Audit/Compliance/Regulatory discussions.
- Minimum Experience (Technical, functional, and/or leadership experience required)
- Eight to Ten (8 – 10) years of Cybersecurity/Information Security related work experience in the area of IT/OT Cybersecurity GRC or IT/OT Cybersecurity management.
- Job Specific Skills (Key functional, leadership, or business skills required)
- Awareness of the latest IT/OT/Cybersecurity GRC trends and techniques.
- Ability to identify Cybersecurity related Risks and their corresponding controls.
- Ability to work under pressure in a fast-paced environment and meet tight deadlines.
- Ability to work successfully in both individual and team settings.
- Strong critical thinking, problem-solving, logic, and forensics skills.
- Demonstrated capacity to learn, intellectual honesty and independent thinking.
- Strong leadership skills.
- Strong verbal and written communication skills in English.
- Ability to deliver effective presentations to all levels of management.
Cybersecurity GRC Manager - Jazan, Saudi Arabia - Air Products Middle East Industrial Gasses LLC
Description
PRINCIPAL DUTIES AND RESPONSIBILITIES