Security Manager Risk and Compliance Job
About the Security Manager Risk and Compliance Job
Responsibilities:
- Lead the Governance, Risk & Compliance team at Noon Group
- Hire and mentor new team members within the GRC function
- Lead GRC program from both a strategy and execution standpoint
- Own all aspects of the compliance requirements, including the management and implementation of the key controls of PCI-DSS, ISO 27001, and SOC 2 across our group of companies.
- Build an Engineering-first GRC program by leveraging engineering principles to address compliance challenges.
- Oversee the design and implementation of the Vendor Risk Assessment program and liaise with outside vendors/suppliers regarding security and compliance measures.
- Provide Subject-Matter-Expert guidance on the org-wide risk management program and risk appetite.
- Develop and implement the data privacy framework and processes (e.g., TOM, policies & procedures, Consent Management, DSAR requests, Data Privacy incident management, etc.)
- Perform Gap Analysis and Risk Assessment as per the defined scope.
- Effectively write and communicate audit, assessment or compliance results, findings, and recommendations to stakeholders while ensuring high-quality and proper documentation of project deliverables.
- Communicate regularly to management on compliance status and any issues related to meeting the business compliance commitments.
- Design and execute the information security awareness strategy and programs, and develop information security awareness content.
- Ensure that Information Security policies and procedures comply with regulations; draft, edit, and publish policies and procedures when they need to be updated or created
- Serve as an internal point-person for our employees by translating security policy and compliance frameworks into actionable requirements and guidance to inform their work
Background Skills:
- +6 years of overall compliance, risk management, and data privacy experience with +8 years in InfoSec/Cybersecurity
- Bachelor’s degree, or equivalent experience, in Computer Science, Engineering, Mathematics or a related field.
- Experience in the interpretation and practical application of data privacy laws including GDPR
- Must have at least 5 years in managing regulatory and compliance framework requirements (e.g., PCI DSS, SOC2, ISO27001, ISO 27701, GDPR, NCA/NDMO data privacy framework)
- Experience in Data Protection Impact Assessments.
- Good understanding of regional security standards and regulations
To be successful in this role, we are looking for individuals that have …
- Strong ability to define, drive and execute a program vision, strategy, approach, and milestones in alignment with organizational priorities and initiatives
- Experience in managing teams, delivering high-quality audit work products, and communicating effectively with various partners (e.g., external/internal audit, senior management, etc.)
- Strong ability to assess the big picture, connect the dots and apply to tasking
- Excellent verbal and written communication skills with both technical and non-technical partners, with a focus on informing, influencing and relationship building
- Ability to build rapport with business units to identify privacy risks/trends and keep abreast of new products/initiatives.
- Experience in international standards and local regulatory requirements related to payment security, data privacy and protection.
- Ability to monitor and keep current with changes and trends in the regulatory landscape.
Preferred Qualifications:
- Having a previous engineering background is highly preferred.
- Experience in privacy management, data discovery, data classification/labeling, and data security is a plus.
- Relevant GRC-related security certifications are desirable.
- Experience in using cloud providers such as AWS, GCP
- Establishes industry expertise through writing, speaking, shipping open-source projects, or online presence.