▷ Immediate Start Information Risk Lead

Job Description About Cyble Cyble is revolutionizing the landscape of cybersecurity intelligence. Founded in 2019, Cyble began as a visionary college project and has quickly transformed into a leading force in proactive cyber threat detection and mitigation, that is now globally significant, with people in 20 countries - Headquartered in Alpharetta, Georgia,and with offices in Australia, Malaysia, Singapore, Dubai, Saudi Arabia and India Our mission is clear: to provide visibility, intelligence and cybersecurity protection using cutting-edge advanced technology, giving enterprises a powerful advantage. We democratize real-time intelligence about cyber threats and vulnerabilities, enabling organizations to take proactive measures and maintain robust cybersecurity. We strive to make the digital world a safer place for everyone. At Cyble, artificial intelligence (AI) and innovation are central to all operations, with a commitment to continuous improvement and excellence in both products and business practices. Cyble values inclusivity, offering team members autonomy and flexibility to balance their professional and personal lives. Cyble fosters a culture where employees voices are heard, contributions are recognized, and everyone is encouraged to be part of something extraordinary. To learn more aboutCyble, visitwww.cyble.com. Job Role Overview The Information Risk Lead will own, and drive improvement for, Governance, Risk, and Compliance (GRC) across the organization. He/She will report to the CISO and work closely with internal groups such as: Product Engineering, Information Security, Customer Success, Human Resources, Finance, and Research, etc. to manage risk across the organization. What You'll Do The Information Risk Lead will: - Be responsible for maintaining and evolving the overall cybersecurity risk management program - Ensure management awareness through transparent reporting of security risk and compliance posture - Provide continuous input to the CISO and help measure and improve the organization's cybersecurity risk posture - Effectively communicate security needs and business requirements to stakeholders - Analyse, gather evidence and document compliance with ISO27001:2022, SOC 2 Type II, ISO27701, GDPR and other applicable regulatory and compliance frameworks - Manage engagement with external Auditors for compliance audits - Ensure policies and procedures remain relevant and are formally reviewed and approved on a regular basis - Perform risk assessments and control gap analysis against policies and procedures - Run and evolve the vendor risk assessment process - Respond to client security risk assessment questionnaires - Maintain the Cyble Trust Portal - Support coordination for closure of identified gaps - Maintain the organization's GRC software solution and ensure data remains current - Promote security education and awareness across the organization What You'll Need - Bachelor's degree in business, computer science, information systems, engineering, or a related discipline - 6+ years of experience in information security, governance, IT audit, or information technology risk management - Experience with risk assessments and compliance to regulatory / compliance initiatives - Experience with cyber security and information security program management - Self-motivated and results-oriented, agile mindset, with excellent interpersonal and communication skills - Prior experience working with startups in a dynamic environment and SaaS companies would be an added advantage Certifications (desirable, but not mandatory) * CISSP * CISM * AWS / Azure /GCP security certification (any) * GRC Certification (any