Head, Governance Risk (Certifications, Cyber Security Framework) at Unified Payment Services Limited

Job Description

• The Head of Governance Risk is responsible for establishing and maintaining a comprehensive governance framework that ensures compliance with cybersecurity standards and certifications across the organization.
• This role involves developing risk management strategies, overseeing the implementation of cybersecurity frameworks, and ensuring that all security policies align with regulatory requirements.
• The Head will collaborate with various stakeholders to promote a culture of risk awareness and compliance while leading efforts to achieve and maintain relevant cybersecurity certifications.
• Additionally, this position includes continuous monitoring of the organization's security posture and adapting governance practices to address emerging threats and evolving regulatory landscapes.

Duties & Responsibilities

• Develop and implement a comprehensive governance framework for cybersecurity that aligns with organizational objectives.
• Oversee the organization’s compliance with relevant cybersecurity regulations and standards (e.g., ISO 27001, ISO 20000, ISO 22301, PCIDSS, PCIPIN, PCICVP, PCI3DS, NDPC).
• Conduct risk assessments to identify vulnerabilities and recommend appropriate mitigation strategies.
• Lead efforts to achieve and maintain cybersecurity certifications, ensuring all processes meet the required standards.
• Collaborate with internal departments to integrate governance practices into operational processes effectively.
• Develop training programs to enhance staff awareness of governance policies, risk management practices, and compliance requirements.
• Monitor industry trends and advancements in cybersecurity frameworks to continuously improve governance strategies.
• Prepare reports for senior management on the status of governance initiatives, risks, and compliance efforts.
• Facilitate audits and assessments related to governance and compliance, addressing any identified gaps or deficiencies.
• Engage with external partners and regulatory bodies to stay informed about changes in cybersecurity regulations and best practices.

Requirements
Education: 

• Bachelor’s Degree in Information Security, Cybersecurity, Computer Science, or a related field.

General Experience:

• Candidates should have a minimum of 7 years of experience in governance, risk management, or compliance within the cybersecurity domain.
• Certifications Key certifications include Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM) or Certified in Risk and Information Systems Control (CRISC), which validates expertise in governance, risk management, and compliance