Chief Manager - Cyber Security Risk

Brief DescriptionROLE SUMMARY ·         Chief Manager - Cyber Security Risk is responsible for implementation and governance of Cyber Security, Risk and Compliance frameworks. ·         The role takes the lead for the implementation of information security policies, standards, procedures, and best practices to ensure the confidentiality, integrity, and availability of information assets. ·         The role coordinates and conducts internal and external risk assessments to assess the effectiveness of information/cyber security controls and suggest/supervise the closure of the identified gaps. ·         The role works closely with other business units, CISO, CIO, IT teams and external stakeholders to confirm alignment of information/cyber security objectives.   KEY RESPONSIBILITIES Role and Responsibility ·         Leading the establishment, implementation and maintenance of IT/Cyber Security, Risk and Compliance framework that meets regulatory requirements and protects the information and technology assets of MFL. ·         Managing the development and promotion of Cyber Security, Risk and Compliance policies, procedures, standards, guidelines and reporting requirements to protect information and technology assets. ·         Leading the Cyber Security Risk function to ensure that resources (people, technology, and processes) are appropriate to the required standards of operation, cost-efficiency, best practice, and performance. ·         Manage Red teaming, VA-PT and the other Risk assessment as per the business needs   KEY SKILLS & BEHAVIOURAL ATTRIBUTES ·         Expertise in information/Cyber security standards, frameworks, and best practices, such as ISO 27001, NIST etc. ·         Ability to assess security policies, procedures, and controls across the organization. ·         Experience in conducting risk assessments and compliance reviews and preparing reports and recommendations. ·         Strong leadership and communication skills, with the ability to influence and collaborate with senior management and stakeholders. ·         Knowledge of emerging security threats, trends and technologies, and the ability to proactively identify and mitigate risks. ·         Critical thinking and problem-solving skills, with the ability to analyze complex situations and provide effective solutions. ·         High ethical standards and integrity, with the ability to handle confidential and sensitive information.   EDUCATION / EXPERIENCE ·         Graduate / Postgraduate in computer science, information systems/ Technology, Cybersecurity, or a related field ·         Minimum 10 years of experience in information security management, compliance, and risk assessment roles, preferably in a large and complex organization. ·         Certification in relevant security domains, such as CISSP, CISM, CRISC, CEH, Red Teaming etc ·         Should have strong leadership, communication, analytical and problem-solving skills. ·         Display a high level of integrity, professionalism, and ethical conduct.Preferred SkillsCore Cybersecurity Skills

Cyber Security Management Information Security Governance Risk Assessment & Management IT Security Compliance Vulnerability Assessment (VA) Penetration Testing (PT) Red Teaming Threat Detection & Response Incident Management Data Protection & Privacy Network & Infrastructure Security Security Monitoring & Auditing Identity and Access Management (IAM) Endpoint Security Cloud Security

Frameworks & Standards

ISO 27001 NIST Cybersecurity Framework PCI DSS COBIT GDPR / Data Privacy Regulations Cyber Risk Framework Implementation

Technical Tools (if space allows)

SIEM Tools (e.g., Splunk, QRadar, ArcSight) Vulnerability Scanners (e.g., Nessus, Qualys) Endpoint Security Solutions Firewalls / IDS / IPS Cloud Security Platforms (AWS, Azure, GCP Security)

Leadership & Soft Skills

Team Leadership & Mentoring Policy Development & Implementation Cross-functional Collaboration Strategic Planning & Execution Communication & Stakeholder Management Analytical & Problem-Solving Skills Ethical & Confidentiality Standards

Certifications (as Keywords)

CISSP CISM CRISC CEH ISO 27001 Lead Implementer / Auditor CompTIA Security+ Red Team Professional Certifications

Experience Keywords

10+ Years in Cybersecurity / Information Security Cyber Risk Governance IT Compliance Audits Enterprise Security Operations Regulatory Compliance Management