
Information Security Manager

Salary undisclosed


JOB DESCRIPTION

As the IT Governance, Risk & Compliance (IT GRC) Manager, you will lead a team overseeing Project Management, Security & Compliance, and Quality Assurance. Ensuring strict adherence to industry standards like ISO 27001 and ISO 9001, you will drive technical audits, mitigate risks, and foster a culture of excellence. With strategic thinking and collaborative leadership, you are tasked with implementing and enforcing policies and procedures to protect the integrity and maintain compliance of TGI’s IT operations.

DUTIES AND RESPONSIBILITIES

  1. Spearhead and coordinate the activities of the following teams:
     • Project Management
     • Security & Compliance
     • Quality Assurance
  2. Develop, implement, and maintain robust IT governance frameworks, policies, and procedures, ensuring compliance with regulatory requirements and industry standards, including ISO 27001, ISO 9001, and other organizational benchmarks.
  3. Drive strategic direction and provide expert guidance for IT projects, ensuring rigorous adherence to project management best practices and methodologies.
  4. Collaborate closely with cross-functional teams to meticulously identify, assess, and mitigate IT-related risks, fostering a culture of proactive risk management.
  5. Oversee and evaluate IT security controls and compliance activities through regular technical audits, assessments, and remediation efforts.
  6. Conduct meticulous reviews and assessments of IT processes, controls, and systems to pinpoint areas for enhancement and streamlining, in alignment with ISO 27001, ISO 9001, and organizational standards.
  7. Serve as a key liaison between IT and other business units, facilitating seamless communication and alignment on governance, risk, and compliance matters.
  8. Mentor and guide team members, cultivating a culture of accountability, collaboration, and relentless pursuit of excellence.
  9. Deliver comprehensive reports and updates to senior management and key stakeholders, detailing the status of IT governance, risk, and compliance initiatives, with a particular focus on ISO 27001, ISO 9001, and other organizational standards.

QUALIFICATIONS

A. Minimum Education

  • Bachelor’s degree in Information Technology, Computer Science, Business Administration, or related field; Master's degree or relevant certifications (e.g., CISA, CISSP, PMP) preferred.

B. Minimum Experience/Training

  • Extensive experience (at least 10 years) in IT governance, risk management, and compliance-related roles, with a proven track record of leading technical audits and ensuring compliance with ISO 27001, ISO 9001, and other organizational standards.

C. Competency

  • Deep understanding of IT governance frameworks (e.g., COBIT, ITIL) and regulatory requirements (e.g., GDPR, HIPAA, SOX), with a focus on the organization’s continued and sustained adherence to ISO 27001, ISO 9001, and organizational benchmarks.
  • Proficiency in project management methodologies (e.g., Agile, Waterfall) and tools, with demonstrated success in leading IT projects through their entire lifecycle.
  • Expertise in IT security principles, practices, and technologies, with hands-on experience in implementing security controls and compliance programs, particularly in alignment with ISO 27001 requirements.
  • Strong background in quality assurance and process improvement methodologies (e.g., Six Sigma, Lean), with a relentless commitment to delivering high-quality IT solutions and services in compliance with ISO 9001 and other standards.
  • Outstanding communication, interpersonal, and stakeholder management skills, with the ability to influence and collaborate effectively across all organizational levels.
  • Exceptional analytical and problem-solving abilities, coupled with a proactive and results-driven approach to addressing governance, risk, and compliance challenges.
  • Ability to work autonomously, prioritize tasks, and manage multiple initiatives in a fast-paced, dynamic environment.
  • Dedication to continuous learning and professional development, keeping abreast of emerging trends, technologies, and best practices in IT governance, risk management, and compliance, particularly in the context of ISO 27001, ISO 9001, and other organizational standards.

WORKING CONDITIONS

  • Hybrid work schedule aligned with IT Operations