Cyber Security Firm.

Job Details

Name of the Post : Manager, GRC
No. of Post : 01
Job Type : Full Time
Job Level : Mid-Level
Age Range : 28-40 Years
Gender : Male/Female


Job Summary :

    The Governance, Risk, and Compliance Manager is responsible for assessing and documenting compliance with ISO 27001, PCI DSS, HIPAA, NIST SP 800, etc., and the risk posture as they relate to its information assets. The purpose of this position is to provide highly skilled technical and information security expertise for the development and implementation of the information security risk management program. Responsibilities require leadership and project management experience, as well as expertise to ensure effective system-wide security analysis; intrusion detection; standards and testing; risk assessment; awareness and education; and development of policies, standards and guidelines.


Job Responsibilities :
  • Lead the system-wide information security compliance program, ensuring IT activities, processes, and procedures meet defined requirements, policies and regulations.
  • Develop and implement effective and reasonable policies and practices to secure protected and sensitive data and ensure information security and compliance with relevant legislation and legal interpretation.
  • Execute the strategy for dealing with the increasing number of audits, compliance checks and external assessment processes for internal/external auditors, PCI DSS, ISO 27001, IS Audit.
  • Perform other duties as assigned to ensure the smooth functioning of the department and maintain the reputation of the organization as a viable business partner.
  • Recommend programmatic and technical directions and operate with a high degree of independence in matters relating to the investigation, impact, and analysis of security incidents, decisions regarding risk, and measures for computer and network security.
  • Operate with a high degree of independence with regard to project management activities, including development of project plans and budget/resource estimates.

Academic Qualifications : 
  • Bachelor's degree in information technology or another related field
  • Information security experience in higher education or state/local government
  • Skills in documenting risk and compliance activities
  • Information security related training or certifications such as CISSP/CISA/CISM/PMP
  • Must have an ISO 27001 LA/ISO 27001 LI related certificate.
  • Experience performing information security audits or risk assessments
  • Familiarity with security auditing processes
  • Must have an understanding of policy development and dissemination
Experience Required :
  • Minimum of five (5) years' experience
Additional Job Requirements :
  • 5 years of high-level information security/IS Audit experience and expertise
  • Knowledge of information security risk management frameworks and compliance practices.
  • Knowledge of securing network technologies, client, and server operating systems.
  • Ability to develop security standards and guidelines based on best practices and industry standards
  • Experience responding to, analyzing, and communicating information security incidents
  • 5 years of planning and managing security projects
  • Excellent interpersonal, communication, and presentation skills, including formal report writing experience
  • Understanding of common security standards and regulations relating to a higher education environment (e.g., PCI DSS, SWIFT CSP, ISO27001, etc.)
Salary range : To be mentioned by the applicant / Negotiable
Other Benefits :
As per company policy.

Additional information:

Job Location:   Dhaka.

Last date to apply: 01/07/2021


Send CV to E-mail :

Please enclose a photograph with your CV.

Interested candidates are advised to send an application with a complete CV and two references to: (Company Mail Address) by June 24, 2021. Please mention in the subject line of your email: GRC Manager, Cyber Security.

Only short-listed candidates will be invited for the interview. All tests and interviews will be held at (Company Address). We regret to inform you that the company is not obliged to reply to all submitted applications.