Cybersecurity Risk & Compliance / GRC Manager

Technical RequirementsBachelor’s degree in Cybersecurity, Information Technology, or a related field.Minimum of 10 years of experience in cybersecurity risk management, technical controls, or incident response.Certifications such as:CISSPCEHCISMGSECCCSPStrong technical expertise in:Vulnerability managementSOC operationsIncident responseResponsibilitiesIdentify, assess, and manage cybersecurity risks to protect information and technology assets in line with policies, laws, and regulations.Review, update, and develop the Third-Party Risk Management Framework to monitor and mitigate vendor-related cyber risks.Perform vulnerability assessments of systems and networks, identifying deviations from acceptable configurations or policies, and measure defense-in-depth effectiveness.Evaluate, design, implement, fine-tune, and enhance business continuity for digital services with complex interdependencies.Calculate, fine-tune, and align Business Impact Assessment (BIA) outputs, including Priority Tiers, RPOs, and RTOs.Develop and track risk treatment and mitigation plans.Analyze cybersecurity controls and assess effectiveness.Oversee vulnerability scans and implement cybersecurity technical controls.Monitor and test Security Operations Center (SOC) and incident response plans.Maintain cybersecurity aspects of the business continuity plan while tracking risk-related metrics.Perform security control assessments for compliance with company policies, ISO 27001, NIST, NCA, and regulatory requirements.Review and validate security configurations for critical systems (Active Directory, firewalls, servers, network devices).Evaluate and provide actionable recommendations to enhance system security configurations across on-premises and cloud platforms.Assess and improve the quality of security documentation, ensuring periodic technical assessments comply with governance requirements.Review technical and administrative security controls to identify gaps and recommend remediation measures.Collaborate with IT, compliance, and risk management teams to enhance security practices.Assist in preparing management and audit reports and presentations.Perform comprehensive assessments, configuration reviews, and documentation assessments to strengthen the organization’s security posture.Configure and manage vulnerability assessment tools and perform technical assessments across systems including Active Directory, firewalls, databases, and cloud platforms.#J-18808-Ljbffr