Description
Cybersecurity Managers run security-related operations within their department. They supervise analysts and administrators, taking responsibility for the cybersecurity team while dealing with high-level security issues.
Responsibilities
- Develop, implement, and maintain security policies, standards, and procedures aligned with business objectives and regulatory requirements.
- Collaborate with senior leadership and relevant departments to ensure compliance with governance frameworks.
- Align organizational security practices with established frameworks (e.g., NIST, ISO 27001, COBIT).
- Assist in reviewing and enhancing policies, procedures, and controls to ensure they meet the required SOC 2 standards.
- Design and implement controls that align with SOC 2 requirements across areas such as access management, encryption, incident response, and system availability.
- Conduct gap assessments to identify deficiencies in the existing control environment, then develop remediation plans before the audit begins.
- Familiarity with SOC 1 audits, which focus on internal controls over financial reporting (ICFR) for service organizations.
- Design and implement risk mitigation controls to address identified risks, including technical and procedural changes.
- Continuously monitor and identify potential risks, vulnerabilities, and threats to the organization's operations.
- Maintain and update a risk register, tracking identified risks, mitigation efforts, and residual risks.
- Coordinate internal and external compliance audits, ensuring that findings are addressed and remediation plans are implemented.
- Present GRC metrics and risk posture through dashboards to keep leadership informed of the current status.
- Analyze the SOC 2 Type 2 audit report, interpret the auditor’s findings, and make recommendations for strengthening controls or maintaining compliance.
- Strong communication/stakeholder management skills
- Understanding of cloud architecture/deployments
- Work with clients and help them understand security; monitor their compliance and establish objectives for security.
- Experience with securing applications deployed on cloud platforms (Google, Microsoft, AWS)
Qualifications
- 10+ years of experience in cybersecurity, with a focus on governance, risk management, vulnerability management, and compliance.
- Strong experience in developing and managing GRC frameworks and tools
- Proven track record of leading security risk assessments and compliance audits, as well as implementing mitigation strategies