Job Description For Cyber Risk & Data Privacy
I) Cyber / IT / Technology / Application / Information Security Risk
β’ Strategy: Define and implement cybersecurity and information security strategies
aligned with business objectives. Establish frameworks, KRIs, KPIs, and dashboards
for Lines of defence.
β’ Risk Management: Conduct assessments, identify gaps, score risks, and recommend
mitigations and improvements using industry standards and controls. Evaluation of
information security threats and their impact to clients IT environment.
β’ Testing & Maturity: Evaluate ISMS controls, test operating effectiveness, and provide
maturity analysis.
β’ Stakeholder Engagement: Collaborate with executives and IT teams; communicate
complex concepts clearly to non-technical audiences.
β’ Governance & Compliance: Implement robust GRC structures ensuring adherence to
regulations (GDPR, NIST-CSF, NIST-800 53, ISO 27001, DORA, ISO 42001,
SOX/SOC 2, PCI-DSS)