Job Title: Security Manager - GRC
Company: VAYUZ Technologies
Location: Noida, Uttar Pradesh
Created: 2026-03-29
Job Type: Full Time
Job Description:
Responsibilities:

1. Governance, Risk & Compliance (GRC)
- Lead and manage SWIFT CSP, COSO, and ISO 27001 readiness, audits, and compliance programs.
- Develop, implement, and maintain enterprise security governance frameworks, policies, and standards.
- Conduct internal security audits, risk reviews, and gap assessments.
- Track remediation plans and ensure timely closure of compliance findings.
- Support certification and regulatory audits with proper documentation and evidence.

2. Enterprise Risk Management
- Perform enterprise-wide risk assessments to identify critical vulnerabilities and exposures.
- Develop and monitor risk mitigation strategies and remediation plans.
- Ensure alignment between security risk management and business objectives.
- Prepare and present risk reports, dashboards, and security metrics to senior leadership and stakeholders.

3. Security Operations
- Oversee vulnerability management lifecycle, including identification, prioritization, remediation, and tracking.
- Collaborate with Security Operations Center (SOC) for proactive threat detection and monitoring.
- Ensure effective implementation of security controls across endpoints, networks, applications, and cloud environments.
- Monitor security posture and ensure continuous risk reduction across enterprise systems.

4. Security Tools & Technologies
Hands-on experience with enterprise security technologies including:
- SIEM: Log analysis, alert tuning, correlation rules, and incident triage
- DLP: Data protection policies, monitoring, and incident handling
- EDR/XDR: Endpoint threat detection and response management
- Firewalls: Security policy review, configuration validation, and compliance alignment
- IAM: Identity governance, access control policies, and lifecycle management

5. Incident Management & Response
- Develop, implement, and maintain Incident Response (IR) frameworks and playbooks.
- Lead end-to-end incident management, including containment, eradication, and recovery.
- Conduct Root Cause Analysis (RCA) and coordinate post-incident reviews.
- Prepare detailed incident reports for management, compliance teams, and auditors.
- Ensure incident response processes meet regulatory and organizational requirements.

6. Leadership & Stakeholder Management
- Lead and mentor security analysts, SOC teams, and GRC professionals.
- Work closely with internal teams, customers, vendors, and external auditors to address security requirements.
- Provide clear communication, status updates, and executive reporting on security posture and initiatives.
- Drive security awareness and cross-functional collaboration across the organization.

7. Architecture, Governance & Secure Configuration
- Develop and maintain enterprise security policies, standards, and procedures.
- Ensure secure configuration baselines for infrastructure, applications, and cloud platforms.
- Partner with DevOps, IT, and Cloud teams to embed security within the system development lifecycle.
- Provide guidance on secure architecture design for new business initiatives and digital transformation projects.

Qualifications:
- 10+ years of experience in Cybersecurity with strong exposure to GRC and Security Operations.
- Hands-on experience with security frameworks and compliance standards (ISO 27001, SWIFT CSP, COSO).
- Experience managing enterprise security tools and security monitoring platforms.
- Proven ability to lead security teams, audits, and risk management programs.
- Strong understanding of cloud security, enterprise architecture, and security operations.