•To develop cybersecurity policies and procedures aligned with best practices and Local Regulations and standards. •To Assess patterns of non-compliance with organizations cybersecurity policies and procedures to ensure improvements. •To design, implement, and maintain a risk management program. •To identify the roles and responsibilities for execution of the Risk Management Framework. •To update the risk register based on the risk assessment. •Perform a cybersecurity risk assessment of organizations systems and information. •To develop and monitor the implementation of the risk treatment plan. •Develop and calculate KRIs\KPIs to monitor the risks. •To communicate cybersecurity risks, posture, and event / incident management reports to the stakeholders. •Conduct Application / Asset based Risk Assessment •Identification of Potential Risks and Threats •Risk Mitigation Strategies and Prioritization
•Proven experience in cybersecurity governance, risk management, and compliance within a corporate or consulting environment, preferably in the Middle East region.•Strong understanding of cybersecurity frameworks such as ISO 27001, NIST, COBIT or relevant frameworks.•Excellent analytical and problem-solving skills with the ability to assess complex risk scenarios.•Strong communication and interpersonal skills, with the ability to effectively engage stakeholders at all levels.•Self-motivated, detail-oriented, and able to manage multiple priorities in a fast-paced environment.•Fluency in English is required; proficiency in Arabic is a plus.
