Cybersecurity Governance and Risk Officer

Vitol
Geneva, Geneva, Switzerland
4 days ago
Contract type
  • Full-time
Job Description

The Governance and Risk Officer helps ensure that the organization maintains a robust security posture, complies with relevant policies and standards, and fosters a culture of security awareness among employees.

Key Responsibilities:

  • Governance and Compliance:
      • Ensure compliance with relevant laws, regulations, and standards when required.
      • Develop, enforce, review, update, and monitor compliance with security policies, standards, and procedures.
  • Risk Management:
      • Assist in identifying and assessing risks across the organization.
      • Conduct risk assessments, identify potential security risks, and implement mitigation strategies.
      • Monitor and report on risk exposure and mitigation efforts.
  • Awareness and Training:
      • Plan and execute security awareness campaigns and conduct phishing simulations to test employee awareness.
      • Define security awareness campaigns for specific profiles within the organisation.
      • Manage the employment lifecycle and performance of personnel in accordance with security requirements (background checks, vetting, transfers, risk designations, succession planning, disciplinary action, and termination), in alignment with Human Resources.
  • Information Asset Inventories and Control Management:
      • Maintain information asset inventories, including categorization, critical assets, risks, and security controls in place.
      • Own the cybersecurity Control Catalog and ensure controls are applied.
  • Security Auditing:
      • Perform security audits internally and respond to external audit demands.
      • Perform third-party audits and maintain an inventory of vetted suppliers and tools.
Qualifications:

  • 5+ years of professional experience in cybersecurity, with a focus on auditing, governance, and risk management.
  • Strong understanding of regulatory requirements and industry standards
  • Knowledge of best practices in modern security architectures and incident response
  • Relevant security certifications such as CRISC, CISA.
  • Familiarity with security control frameworks: CIS Controls, NIST Special Publication 800-53
  • Familiarity with cybersecurity frameworks: NIST CSF, ISO 27001
Additional Information:

  • Highly responsive, energetic and enthusiastic
  • Analytical thinking and problem-solving skills
  • Ability to work independently and as part of a team
  • Strong ethical standards and integrity
  • Capable of prioritising tasks and meeting critical deadlines
  • Excellent judgment, attention to detail
  • Excellent communication and interpersonal skills
  • Expect duties to extend beyond normal business hours
  • User / business focus