Manager Group IT Governance Risk and Compliance

Job Summary:

This role is an excellent opportunity in the Cybersecurity team to be part of IT GRC practitioners. This position will assist the IT GRC lead to support and provide management of IT governance practices within DKSH. Ideally someone who has strong IT governance compliance and audit knowledge and IT security skills as a core competency.

This position willhave ownership to define implement document and validate theimplementationofIT governance framework and security controls processes and regulatory compliance and driving maturity of theoverall IT GRC practiceswithin DKSH.

Job Description:

• Support theexecution ofstrategicaldirection for the function from planning implementingand budgeting to motivational and promotional activities expounding the value of IT GRC
• Member of cybersecurity professionals on operational activities to build run and operationalize IT GRC practices with stakeholders
• Report and escalate to leadership management team on controls effectiveness and operational efficiencies
• Implement and promote IT GRC framework policies standards IT risk management and GRC tools across DKSH
• Promote and supportcenterof excellence for cybersecurity management continuous improvement and optimization of security solutions and processes
• Support the commissions or the preparationimplementation and validating of cybersecurity policies standards procedures and guidelines
• Lead and support the continuous ISO27001 compliance and certification
• Lead and supportthe design and operation of related compliance monitoring and improvement activities to ensure compliance with ISO27001 practices internal security policiesand applicable laws and regulations
• Support security awareness training and educational activitiesby providing suitable guidance to the team and stakeholders
• Lead or commissions information security risk assessments including vendor risk assessments contract reviews and controls selection activities
• Support the information security incident investigation and management processand post incident review from IT GRC standpoint

• Keep abreast of latest security and privacy legislation regulations adversaries alerts and vulnerabilities
• Support IT GRC on global data privacy practices

Job Requirement:

• Bachelors degree in Computing/Information Technology or equivalent;
• At least 8 years experience in similar role with at least 3 years in management position
• Excellent knowledge on IT governance framework practices policy management risk management and IT GRC tools
• Knowledge on IT environment and solutions such as Windows/Linux OSes AD cloud technology DNS DHCP IPS AV Firewalls Routers Switches VM etc will be advantageous
• Sense of ownership and pro-activeness to identify improve and optimize processes and mitigating gaps
• Excellent written and verbal communication skills; interpersonal and collaborative skills; and the ability to communicate security and risk-related concepts to technical and non-technical stakeholders;
• Strong ability to work independently and collaborate with diverse teams with multiple stakeholders;

Location: Menara KEN TTDI