We are looking for a Cyber Risk Manager (CRM) for a leading bank. The position is responsible for supporting the cyber security direction of the business and elevating the bank's cyber security posture. The CRM is expected to support the company’s cyber security strategy within new and existing information system capabilities. Consequently, the position requires an understanding of both legacy systems and new technologies and requirements.

The ideal candidate is technical and possesses at least three years of experience in cyber security, risk management, or compliance. The role supports the Head of Cyber Risk in overseeing the business information & cyber security requirements and obligations mandated by information security policies and standards and by regulations such as the Payment Card Industry Data Security Standard (PCI DSS), Enterprise Technology Governance and Risk Management Framework (ETGRM) and General Data Protection Regulation (GDPR). The CRM monitors progress and enforces resolution of outstanding cyber security risks that may lead to non-compliance or security threats to the business. As a key member of the Information Risk Management team, the CRM must focus on strong cyber risk management practices.

What you will do:

  • Identify cyber risks and develop cyber risk registers.
  • Conduct various cyber risk assessments in line with the information security standards i.e. NIST, ISO.
  • Coordinate with business partners to safeguard against undue cyber security risk. Escalate to SMEs, relevant managers and business unit leads when points of weakness are discovered.
  • Develop and maintain cyber risk management and reporting frameworks.
  • Support the Head of Cyber Risk to identify, assess, document, communicate, and monitor cyber security risks.
  • Develop and deliver comprehensive risk reports that provide detailed insight into the current state of the business's cyber risks.
  • Analyze findings, document, recommend, and report program gaps to Cyber Risk Managers.
  • Compile monthly qualitative and quantitative metrics that demonstrate the business group’s cyber security posture.
  • Attend and fully engage in cyber risk management meetings.
  • Perform other duties as assigned. 

What you will need to have:

  • Bachelor’s degree in computer science, information assurance, MIS or related field, or equivalent industry experience.
  • At least 3+ years’ experience as a cybersecurity practitioner, with at least 1 to 3+ years’ exposure to various security frameworks.
  • Experience working as an internal/external auditor, risk manager, etc. in a reputable firm.
  • Strong business acumen and cyber security technology skills for well-rounded proficiency, as well as proven ability to align with cyber security practices.
  • Experience in one or more of the following: NIST, ISO 27001/2, or ITIL. Experience and understanding of various regulatory requirements and laws, including but not limited to PCI and GDPR.
  • Exceptional written and verbal communication skills and proven ability to translate cyber security risk to all levels of the business.
  • Capacity to understand legacy and progressive technology and security controls along with respective risk. Working knowledge of technologies such as cloud computing, DevOps, and application security is required.
  • Prior experience using GRC systems from vendors such as Archer, Rsam, ServiceNow.
  • Holds or is working toward one or more of the following accreditations: CISSP, CRISC, CGEIT or GRCP.

Job Details

Functional Area:
Total Positions: 1 Post
Job Shift: First Shift (Day)
Job Type:
Job Location: Clifton, Karachi, Pakistan
Gender: No Preference
Minimum Education: Bachelors
Career Level: Experienced Professional
Minimum Experience: 3 Years
Apply Before: May 07, 2023
Posting Date: Apr 07, 2023
Diversity Inclusion: We value the diversity of our employees. All qualified applicants will receive fair consideration without regard to gender or socio-economic background.

Work Environment

Supervisor’s gender: Male
Percentage of female coworkers: 50-59%

The Researchers

Banking/Financial Services · 1-10 employees - Karachi
