As a Governance Specialist, you will be responsible for providing information security policy and risk governance services to various projects and routine business operations across the organization. You will work with policy owners, risk owners, and projects, assisting them by performing threat and risk assessments on the various solutions being built.
The role is ideal for individuals who are passionate about cybersecurity and have experience in policy development, risk management, or compliance. If you come from another industry and you've never worked in Security before, then we are still interested. We will complement your existing knowledge of compliance, quality, or risk by providing specialist security training.
Your responsibilities will include:
* Working with policy owners and stakeholders as the security policy subject matter expert, supporting review cycles and exception requests.
* Identifying relevant security policy requirements, helping to avoid threats to the confidentiality, availability, and integrity of systems.
* SUPPORTING CYBERSECURITY RISK MANAGEMENT AND GOVERNANCE, ensuring risks are effectively documented, monitored and managed by the relevant risk owners.
* Performing compliance assessments of projects and stories, ensuring secure-by-design systems that are compliant with the policy set, security strategy, and legislations.
* Working closely with our compliance and enterprise risk team, ensuring our cybersecurity risk management and policy framework complies with regulatory requirements.
* Promoting security awareness and advocating for policy.
* Coordinating and supporting the management and cyclical review of the cybersecurity policy framework.
* Providing governance support for the organization's cybersecurity risk profile.
* Reviewing exception requests and risk remediation plans for accuracy and risk impact.
* Writing risk reports for internal compliance and stakeholder reporting.