Qureos


Senior Manager - GRC Cybersecurity (Security Compliance)

Riyadh, Saudi Arabia

Job Description

The role plays a crucial part in overseeing the organization's information security program, with a focus on governance, risk management, compliance, security awareness, and policy management. He/she will ensure the company adheres to relevant regulatory, legal, and industry frameworks. He/she will work independently to assess compliance risks, prepare for audits, and collaborate cross-functionally to support a strong and sustainable compliance posture.

Responsibilities

  • Develop, implement, and manage the organization’s GRC framework aligned with regulatory requirements and industry best practices.
  • Lead internal and external information security audits; coordinate with stakeholders to ensure timely and effective remediation of findings.
  • Oversee enterprise risk management practices, including risk identification, assessment, and mitigation related to information security.
  • Manage the development and maintenance of security policies, standards, and procedures.
  • Serve as the primary point of contact for security compliance matters, including regulatory audits and third-party assessments.
  • Collaborate with Legal, IT, Internal Audit, and Business Units to ensure consistent compliance and risk management practices.
  • Monitor changes in laws, regulations, and industry standards to assess impact and ensure ongoing compliance.
  • Promote a culture of security and compliance awareness through training and stakeholder engagement.
  • Perform any other duties assigned by the line manager related to the nature of the work.
  • Enforce, incorporate, and comply with all necessary controls and related information security policies, procedures, practices, training, reporting, personal due diligence and vigilance, within departmental/unit activities and operations.

Qualifications

Preferred Qualifications

  • Have a tertiary level qualification from an internationally recognized institution in Information Technology or Computer Science.
  • Security certifications such as CISA, CRISC, COBIT, IIA or equivalent preferred.

Years & Nature of Experience

  • Recommended to have 5 to 7 years of equivalent experience where required competencies and experience have been demonstrated in Data Analytics, Data Operations, or related experience.
  • Advanced experience in information security, including GRC-related roles.
  • Advanced experience in leading risk assessments, compliance efforts, security awareness initiatives, and policy management.
  • Excellent communication and interpersonal skills for collaborating with various stakeholders.
  • Advanced proficiency in conducting risk assessments, analyzing security controls, and policy management.

Technical Competencies

  • Data Governance
  • Ethical Culture
  • Data Mining & Modelling

Behavioral Competencies

  • Digital Literacy
  • Creative Thinking
  • Communication
