Overview

Job Overview: Responsible for developing, implementing, and managing the organization's Information Security Governance, Risk Management, and Compliance (GRC) programs. Ensure that information security controls, processes, and solutions are clearly defined and effectively implemented, aligning with current business needs and relevant regulatory standards, including NIST CSF, PCI DSS, BNM RMiT, and ISO/IEC 27001 Standards.

Responsibilities

• Lead and continuously improve information security control policies, procedures, and guidelines in line with regulatory, ISMS requirements, and industry best practices.
• Facilitate periodic reviews of information security control policies, procedures, and guidelines.
• Promote awareness and publish IT security bulletins on cybersecurity topics.
• Provide and facilitate training on governance, compliance, risk management, and security-related matters.
• Develop and implement secu...