JobRialto

Director Cybersecurity

JobRialto, Los Angeles, California, 90079


Job Summary

The Security Risk and Compliance Analyst is responsible for conducting thorough security assessments, reviewing technical designs for potential vulnerabilities, and recommending suitable mitigations. This role involves ensuring compliance with security standards, designing effective controls, and tracking risks to meet internal and external requirements. The ideal candidate will collaborate with various teams to mitigate risks and ensure secure and compliant operations across applications, infrastructure, and cloud environments.

Key Responsibilities

• Perform security risk and compliance assessments for security controls defined for specific client projects.
• Review technical design documents for information security risks and recommend suitable controls and mitigations.
• Analyze the technology landscape, including applications, infrastructure, and cloud, to identify threats, vulnerabilities, and compliance requirements.
• Test and evaluate controls across domains such as patch management, backup management, network security, identity management, and vulnerability management.
• Review supplier control designs and technical specifications for compliance with client security requirements.
• Identify, design, and implement controls based on risk assessments, ensuring remediation and documentation of residual risks.
• Monitor and document risks, classify them appropriately, and ensure timely tracking and resolution as per IRM standards.
• Validate the effectiveness of controls through structured testing and reporting.
• Collaborate with teams to provide recommendations for remediating identified risks and ensuring all necessary controls are implemented effectively.
• Assess and classify potential business and infrastructure information risks to meet compliance and security objectives.

Required Qualifications

• Bachelor's degree in Computer Science, Information Technology, or a related field.
• 8-10 years of experience in Governance, Risk, and Compliance (GRC).
• Strong understanding of security standards such as ISO 27001, NIST CSF, NIST 800-53, and PCI DSS.
• Excellent communication, troubleshooting, organizational, and analytical skills.
• Familiarity with audit requirements, processes, and scripting languages.
• Certification in information security or risk management (mandatory).
• Hands-on experience with tools such as:
  • Catachi
  • Cos Compliance.ai
  • BigID
  • OneTrust
  • StealthINTERCEPT

Preferred Qualifications

• Strong ability to work independently and within a collaborative team environment.
• Knowledge of additional security frameworks and tools.

Education: Bachelor's Degree

Certification: RIMS-Certified Risk Management Professional