Protect Our Future: Be a Cyber Security Risk Manager

Job Description

Job Title: Cyber Security Risk Manager

As a key member of our organization's security team, you will play a vital role in developing and implementing effective strategies to protect our assets. You will conduct thorough risk assessments, ensure compliance with industry standards, and maintain information security policies and procedures.

  • Develop and maintain comprehensive information security policies and procedures aligned with business needs and industry best practices
  • Ensure adherence to IT Management System (ITMS) requirements
  • Develop and maintain an information security risk framework to assess, monitor, and review information security risks for the organization
  • Maintain risk treatment strategies and work with risk owners to manage their lifecycle
  • Manage and implement an information security audit program, ensuring the management of non-conformities and improvement opportunities identified during audits
  • Manage identified vulnerabilities, policy violations, or non-conformities discovered during audits
  • Lead and manage the investigation and response to security incidents to ensure timely and effective containment, eradication, and recovery actions
  • Document incident details, actions taken, and contribute to post-incident reports for continuous improvement
  • Develop and implement security training and awareness programs for employees on best practices, policies, and security guidelines
  • Collaborate with different groups to promote a security-conscious culture
  • Implement and provide regular security reports to top management and other stakeholders, offering insights into the status of information security metrics

Required Skills:

  • Background in Information Technology
  • Experience in an Information Security role
  • Background in Information Security Risk processes and in IT/Information Security Audit
  • Ability to deliver security education and awareness training sessions and material
  • Excellent written and verbal communication skills and organisational skills
  • Knowledge of information security standards and regulations, such as ISO 27001, ISO 27002, ISO 27701, ISAE 3402, GDPR, DORA, and NIS2
  • Cybersecurity knowledge
  • Good level of English