Job Description
Governance, Risk, and Compliance (GRC): Lead and manage GRC processes, ensuring alignment with regulatory requirements, internal policies, and industry best practices. Assist in the identification, assessment, and mitigation of security risks across the organization.
Security Risk Assessment: Conduct comprehensive security risk assessments to identify vulnerabilities, evaluate potential threats, and recommend security enhancements. Work with cross-functional teams to implement risk management strategies.
Application Security: Evaluate and implement security measures within the software development lifecycle (SDLC) to ensure secure coding practices and minimize vulnerabilities in applications.
Cybersecurity Assessment: Perform regular cybersecurity assessments, including penetration testing, vulnerability scanning, and security audits, to identify weaknesses and recommend remediation measures.
Incident Management & Response: Support incident detection, investigation, and resolution. Help design and implement incident response plans and ensure that security incidents are managed effectively and promptly.
Reporting & Documentation: Prepare detailed reports on risk assessments, security incidents, compliance activities, and security audit findings for stakeholders. Ensure documentation of all security processes, policies, and procedures.
Collaboration: Work closely with IT teams, developers, and business units to ensure that security and compliance are integrated into business operations, systems, and technologies.
Bachelor's Degree in Computer Science, Information Security, Cybersecurity, or a related field.
A minimum of 1 year of experience in a related field, with a focus on GRC, security assessments, and application security.
