Job Description

Overview The Information and Cyber Security Governance Manager for is responsible for overseeing the governance, risk, and compliance activities across the Security Operations Center (SOC), Incident Management and Vulnerability Management. This role ensures that these critical areas operate in alignment with industry standards, regulatory requirements, and internal policies. The Governance Manager will establish and enforce policies, procedures, and controls to safeguard the organizations information assets and mitigate risks. Key Responsibilities Security Operations Center Governance Governance Framework: Develop, implement, and maintain the governance framework for the SOC, ensuring alignment with industry best practices and regulatory requirements. Policy Development: Create, review, and update security policies, standards, and procedures to ensure they are effective and up-to-date. Risk Management: Identify, assess, and mitigate security risks related to SOC operations. Develop risk management strategies and monitor the effectiveness of risk mitigation measures. Incident Response Oversight: Oversee the incident response process, ensuring that incidents are managed and resolved in accordance with established protocols. Training and Awareness: Develop and deliver training programs to enhance the security awareness and skills of SOC staff. Ensure that all team members are knowledgeable about governance and compliance requirements. Key Responsibilities Data Security Governance and Vulnerability Management Strategy: Develop, implement, and maintain the data security strategy and framework, ensuring alignment with industry best practices and regulatory requirements. Policy Development: Create, review, and update data protection policies, standards, and procedures to ensure they are effective and current. Risk Assessment: Conduct regular risk assessments to identify and mitigate potential data leakage risks. Develop risk management strategies and monitor their effectiveness. Incident Response: Oversee the data breach and incident response process, ensuring that incidents are managed and resolved according to established protocols. Monitoring and Analysis: Implement and manage DLP tools and technologies to monitor data flows and detect potential data leakage. Analyze DLP alerts and incidents to identify trends and areas for improvement. Training and Awareness: Develop and deliver training programs to enhance the data protection awareness and skills of employees. Ensure that all team members are knowledgeable about DLP policies and procedures. General Responsibilities Compliance Management: Ensure compliance with relevant security standards and regulations across SOC, DLP, and VAPT. Conduct regular audits and assessments to verify compliance. Risk Management: Identify, assess, and mitigate security risks related to SOC, DLP, and VAPT operations. Reporting and Metrics: Develop and maintain key performance indicators (KPIs) and metrics to monitor the effectiveness of the governance programs. Prepare and present reports to senior management. Collaboration: Work closely with other departments, such as IT, Legal, and Compliance, to ensure a cohesive approach to security governance. Continuous Improvement: Promote a culture of continuous improvement within SOC, DLP, and VAPT programs. Identify areas for enhancement and implement best practices. Qualifications Education: Bachelors degree in Information Security, Computer Science, or a related field. A Masters degree is preferred. Certifications: CEH / OSCP, and Any one of CISA, CISSP, CISM, CRISC, or other relevant certifications. Experience: Minimum of 5 years of experience in Security Operation Center Governance, risk, and compliance with specific experience in a SOC, Developing Key risk indicators, Threat Hunting, SOAR implementation, Defining MTTD MTTR, SIEM use cases.