We are hiring an experienced Information Security GRC Manager to join our group's Information Security team. This role is vital in protecting the organization's information assets and infrastructure and in ensuring compliance with regulatory and industry frameworks. You will apply your expertise in risk management and ISO standards to proactively address and minimize cyber risks, working closely with cross-functional teams and stakeholders.
Key Responsibilities
Risk Management:
Establish and oversee risk management processes to continuously monitor control effectiveness and key risk indicators.
Identify, evaluate, and prioritize security risks related to the organization's systems, services, and information assets.
Design and implement strategies to mitigate identified risks and protect sensitive data.
Manage risks related to third-party vendors, ensuring proper security measures are in place.
Collaborate with procurement and legal teams to incorporate security requirements in vendor agreements.
Policy & Compliance:
Ensure adherence to security policies, standards, and procedures aligned with strategic goals, regulatory requirements, and industry best practices.
Work with internal teams and partners to consistently enforce policies and maintain compliance.
Align organizational practices with relevant compliance frameworks and guidelines.
Lead governance and risk committees to uphold uniform security standards across projects and platforms.
Audits and Assessments:
Oversee security audits and conduct regular risk assessments to enhance the organization's security maturity.
Provide senior management and stakeholders with detailed reports on security risks, compliance, and the group's security posture.
Education and Awareness:
Develop and manage security awareness initiatives to foster a culture of compliance and vigilance within the organization.
Qualifications and Skills Required:
Bachelor's degree in Computer Science, IT, or a similar field (Master's preferred).