Cyber Risk and Compliance Manager Job Description Template
Our company is looking for a Cyber Risk and Compliance Manager to join our team.
Responsibilities:
- designing and owning service-based metrics to measure the effectiveness and ongoing compliance of the program;
- developing and maintaining service-based process and control alignment to NIST-CSF, MITRE ATT&CK and other frameworks;
- providing implementation, timing and response advisory to leadership relative to risk actions;
- monitoring, tracking and reporting the status of agreed remediation actions with stakeholders;
- performing risk assessments to evaluate compliance with existing policies and standards in order to accurately identify gaps in alignment.
Requirements:
- industry certifications such as CISA, CRISC, CISM and CISSP are preferred;
- seasoned critical thinking, organizational and project management skills;
- 5+ years of enterprise experience in an audit or risk management role, with a focus on cyber security;
- experience with data acquisition, transformation, visualization and automated reporting;
- bachelor’s degree in Economics, Business, Finance, Engineering, Statistics, Computer Science or related fields required;
- strong knowledge of ISO 27001, ITIL, COBIT and NIST;
- ability to work as part of a global team across multiple countries, cultures and time zones;
- expert understanding of IT controls across operational domains and information security environments;
- strong written and verbal communication skills, with the proven ability to engage effectively at all levels of an organization;
- adaptable character, capable of dealing effectively with colleagues and business users working in a constantly evolving, complex environment;
- deep understanding of Microsoft Office, Power BI and user interface design;
- ability to display, contextualize and present structured and unstructured data in a simple and intuitive manner.