Governance risk & compliance manager

Key Responsibilities:

● Cybersecurity Project Execution: Lead and execute cybersecurity projects throughout the entire lifecycle, from initiation to closure, with a primary focus on security outcomes and alignment with business objectives. This includes defining project scope, timelines, milestones, and resource allocation, always prioritizing security best practices.

● Security Risk Management: Proactively identify, assess, and mitigate security risks throughout the project lifecycle. Develop and implement risk mitigation strategies and ensure alignment with organizational risk appetite.

● Stakeholder Collaboration (Security Focus): Engage with internal and external stakeholders, emphasizing security requirements and implications. Effectively communicate security-related information and manage expectations related to project security deliverables.

● Security Compliance & Quality Assurance: Implement and monitor security controls and ensure projects adhere to relevant cybersecurity policies, regulations (e.g., DPDP, PCI-DSS), and industry standards. Conduct security assessments and ensure deliverables meet stringent security quality standards.

● Security Documentation & Reporting: Maintain comprehensive documentation related to security aspects of projects, including risk assessments, vulnerability reports, and security architecture diagrams. Prepare and present security-focused reports to senior management and stakeholders.

● Cybersecurity Expertise Application: Leverage deep expertise in cybersecurity to guide project teams and ensure projects are designed and implemented with security as a primary consideration. Provide security guidance and mentorship to team members.

● Incident Response & Escalation: Manage security-related escalations and incidents within projects, ensuring timely and effective response.

● Security Best Practices & Process Improvement: Continuously identify and implement security best practices and process improvements to enhance project security and organizational security posture.

Qualifications:

● Experience: Extensive experience in leading and executing projects with a strong emphasis on cybersecurity. Proven track record of successfully managing complex cybersecurity projects, preferably in the Cybersecurity and E-commerce sector. 12+ years of experience.

● Education: Bachelor’s degree in a relevant field (e.g., Computer Science, Information Security). Advanced degree or relevant security certifications (e.g., CISSP, CISM, CEH, OSCP) are highly desirable. PMP or other project management certifications are a plus.

● Cybersecurity Knowledge: Deep understanding of cybersecurity principles, practices, and technologies, including network security, application security, data security, and cloud security. Expertise in security architecture, risk management, vulnerability management, and incident response. Familiarity with regulatory requirements and industry standards (e.g., GDPR, PCI-DSS, NIST).

● Technical Skills: Hands-on experience with security tools and technologies, such as SIEM, vulnerability scanners, penetration testing tools, and firewalls. Familiarity with JIRA, Confluence, and other collaboration tools.

● Communication: Excellent verbal and written communication skills, with the ability to clearly articulate complex technical security information to both technical and non-technical audiences.

● Problem-Solving: Strong analytical and problem-solving skills, with the ability to effectively analyze security issues, assess risks, and make informed decisions.

● Leadership (Security Focus): Proven leadership skills, with the ability to mentor and guide team members on security best practices. Ability to influence and drive security-focused outcomes within project teams