Cybersecurity Risk Manager

About
The role holder is responsible for maintaining the risk register, identifying cybersecurity risks, and ensuring mitigation plans. They will oversee risk treatment, evaluate threats and controls, develop threat models, and ensure disaster recovery and business continuity plans include cybersecurity.

Responsibilities

• Maintain risk register and ensure identifying cybersecurity risks.
• Review risk register and ensure an appropriate mitigation plan is in place.
• Ensure risk treatment plans are implemented in alignment with approved plans.
• Ensure escalation of inherent risks to ERM for business escalation and acceptance.
• Evaluate business impact of sensitive or critical business information associated with target environments.
• Evaluate threats and related risks to target environments and oversee collection of information on business applications to identify risks.
• Evaluate cybersecurity controls effectiveness and adequacy for risk treatment.
• Develop and maintain Threat Modeling and associated risk scenarios.
• Ensure Cyber Resilience team updates the framework according to attacks and aligns with framework guidelines.
• Ensure disaster recovery plans and business continuity management teams include CS in their events and account for CS attacks.
• Oversee CS Resilience trainings and plans and support in developing them.
• Prepare a test plan (including plans for the review process and run-throughs) and perform tests and verification against detailed applications & infrastructure CS BC/DR requirements in alignment with GD Risk.
• Maintain and develop the company KSA Cyber Resilience process, plans in alignment with BCM and BU partners.
• Review CS resilience of CS DR controls and coordinate response to continuity and recovery responses to cyber breaches and incidents in alignment with GD Risk.
• Evaluate CS systems operations performance and perform the required technical assessment to assure capturing any potential security risk and work with the owners to mitigate the highlighted risks.
• Oversee the development of CS Risk methodology and communicate it with the company group subsidiaries.
• Manage the development of guidelines for the company group subsidiaries in alignment with CS GRC frameworks.
• Ensure full alignment with CS Governance and any relevant function regarding CS Risk and Cyber Resilience frameworks.
• Ensure proper alignment with CSDG Enablement in regard to any topic requiring sharing with the company group subsidiaries.

Requirements

• A minimum of 8 years of related experience in leading the Cyber Security function for a large organization, preferably within the telecom industry.
• Bachelor Degree in Computer Science or Information Technology.
• Additional Education Certifications are preferred.