Job Title: Cybersecurity Governance Specialist
This role involves implementing and overseeing cybersecurity policies, frameworks, and regulatory compliance for a major national transport provider.
About the Position
You will be responsible for supporting the implementation of effective cybersecurity measures, including evolving KPIs and reporting structures to measure internal security performance.
Key Responsibilities:
* Evolving and enhancing cybersecurity KPIs and reporting structures to effectively measure internal security performance.
* Defining and implementing cybersecurity performance indicators for third-party vendors to monitor and assess their compliance.
* Working cross-functionally with internal teams and external partners to enforce cybersecurity policies and ensure adherence to compliance standards.
* Drafting, updating, and publishing cybersecurity policies and procedures where required.
* Leading and performing cybersecurity risk assessments to proactively identify and mitigate threats.
* Managing internal and external security audits, including supplier assessments, and driving remediation of identified issues.
* Designing, implementing, and monitoring security controls to protect critical systems and data assets.
* Preparing and delivering insightful cybersecurity reports, dashboards, and performance metrics to leadership and key stakeholders.
* Providing timely updates on cybersecurity risks, incidents, and compliance status to meet regulatory and executive reporting requirements.
Requirements
* Bachelor's or Master's degree in Cybersecurity, Risk Management, Business Information Systems, or a related field. Industry certifications such as CISM, CISA, CISSP, or CRISC are advantageous.
* A minimum of 5 years of experience in cybersecurity governance, risk, and compliance is required.
* Strong experience in consolidating data from multiple sources and producing high-quality reports is essential.
* A solid understanding of cybersecurity regulations, standards (e.g., ISO 27001, NIST), and governance frameworks is necessary.
* Proven track record in conducting audits, risk assessments, and delivering compliance reporting is required.
* Excellent analytical, communication, and stakeholder engagement skills are necessary.
* Ability to work independently and collaborate effectively with multidisciplinary teams is also required.