Maintain Cybersecurity Governance: To refresh and align cybersecurity governance with regulatory requirements and best practices.

Ensure Cybersecurity Risk Management: To identify and assess cybersecurity risks to improve security posture and reduce impact.

Uphold Cybersecurity Compliance: To assure cybersecurity compliance requirements are audited and remediated accordingly.

Improve Cybersecurity GRC Operations: To enhance various GRC assessments and activities and be more agile in a fast-paced enterprise

Cybersecurity Compliance Tasks

• Perform assessments based on NCA regulations (such as ECC and OSMACC) and the client standards.
• Track findings, communicate with internal stakeholders, and validate evidences.
• Support in internal audit activities.
• Support in external audit activities (ISO27001).
• Prepare weekly and monthly status report for compliance status.

Cybersecurity Risk Management Tasks

• Perform risk assessments for new solutions and third parties, as well as major technology changes.
• Maintain risk register, follow up on mitigation plane with stakeholders and validate evidences.
• Represent cybersecurity in IT demand management and IT change management.
• Participate and develop Root Cause Analysis corrective actions resulting from Cybersecurity incidents.
• Prepare weekly and monthly status report.

 Cybersecurity Governance Tasks

• Review and update cybersecurity documentation such as standards and policies, as well as other documents part of cybersecurity governance framework.
• Develop new standards, processes, and procedures.
• Monitor cyber practices and operational KPIs.
• Create a governance review plan.