Role Purpose:
The role of a Cyber GRC Project Manager is instrumental in orchestrating and overseeing cybersecurity initiatives within the organization’s Governance, Risk Management, and Compliance (GRC) framework. This role encompasses program/project management, reporting, consultation, assurance, and data analytics, all tailored to the specific needs of cybersecurity.
Key Responsibilities:
- Program/Project Management and Reporting:
- Organize regular feedback and stand-up sessions with domain and control owners to monitor project progression and ensure alignment with cybersecurity objectives.
- Ensure meticulous documentation and proper formatting of evidence samples, complete with detailed descriptions and notes, and subsequently upload them to SharePoint for comprehensive record-keeping.
- Disseminate regular progress reports and control status updates to pertinent stakeholders, fostering transparency and accountability.
- Consultation and Assurance:
- Provide expert guidance on inquiries pertaining to cybersecurity controls, elucidating requirements and delineating the types of evidence essential for compliance.
- Facilitate online meetings with subject matter experts (SMEs) as required to establish a thorough comprehension of control prerequisites.
- Assist in deconstructing controls into manageable components, in line with defined evidence requirements, streamlining compliance efforts.
- Effectively manage steering committee (steerco) meetings and all relevant discussions, ensuring alignment with cybersecurity objectives and initiatives.
- Harness the power of data analytics to discern trends, patterns, and insights that bolster cybersecurity decision-making and risk management.
Qualifications and Skills:
- Bachelor’s degree in Cybersecurity, Information Technology, or a related field.
- Project management certification (e.g., PMP, PRINCE2) is highly desirable.
- Profound understanding of cybersecurity principles, controls, and best practices.
- Proficiency in project management methodologies and tools.
- Exceptional communication and stakeholder management skills.
- Ability to elucidate intricate technical concepts to non-technical stakeholders.
- Experience in orchestrating and moderating meetings, encompassing steerco meetings.
- Proficiency in data analytics tools and techniques, with a focus on cybersecurity analytics.
Experience:
- Demonstrated experience in project management, particularly in the domain of cybersecurity.
- Previous involvement in a Cyber GRC role or a similar capacity is advantageous.
- Familiarity with regulatory mandates and compliance frameworks relevant to cybersecurity (e.g., NIST, ISO 27001, GDPR).
- Proven ability to collaborate with cross-functional teams and subject matter experts.
- Track record of leveraging data analytics to support cybersecurity decision-making and risk mitigation.
Role Benefits:
The Cyber GRC Project Manager plays a pivotal role in fortifying the organization’s cybersecurity defenses, ensuring adherence to regulatory requirements, and proficiently managing cybersecurity risks. This role offers the opportunity to work at the intersection of cybersecurity and data analytics, enabling significant contributions to the organization’s security strategy and risk mitigation efforts.
Note: This job description provides essential information about the role’s scope and primary responsibilities, tailored to the context of Cyber GRC. Additional duties may be assigned to align with the dynamic nature of cybersecurity and GRC within the organization.
Desired Skills:
- PMP
- Prince2
- Data Analysis
- Cyber Security
- Programme Management
- Cyber security Principals
Desired Work Experience:
- 2 to 5 years