GRC Lead

About Cyble:

Cyble is revolutionizing the landscape of cybersecurity intelligence. Founded in 2019, Cyble began as a visionary college project and has quickly transformed into a leading force in proactive cyber threat detection and mitigation, that is now globally significant, with people in 20 countries - Headquartered in Alpharetta, Georgia, and with offices in Australia, Malaysia, Singapore, Dubai, Saudi Arabia and India

Our mission is clear: to provide visibility, intelligence and cybersecurity protection using cutting-edge advanced technology, giving enterprises a powerful advantage. We democratize real-time intelligence about cyber threats and vulnerabilities, enabling organizations to take proactive measures and maintain robust cybersecurity. We strive to make the digital world a safer place for everyone.

At Cyble, artificial intelligence (AI) and innovation are central to all operations, with a commitment to continuous improvement and excellence in both products and business practices. Cyble values inclusivity, offering team members autonomy and flexibility to balance their professional and personal lives. Cyble fosters a culture where employees voices are heard, contributions are recognized, and everyone is encouraged to be part of something extraordinary. To learn more about Cyble, visit www.cyble.com.

Job role Overview:

The Information Risk Lead will own, and drive improvement for, Governance, Risk, and Compliance (GRC) across the organization. He/She will report to the CISO and work closely with internal groups such as: Product Engineering, Information Security, Customer Success, Human Resources, Finance, and Research, etc. to manage risk across the organization.

What You‘ll do:

The Information Risk Lead will:

• Be responsible for maintaining and evolving the overall cybersecurity risk management program
• Ensure management awareness through transparent reporting of security risk and compliance posture
• Provide continuous input to the CISO and help measure and improve the organization’s cybersecurity risk posture
• Effectively communicate security needs and business requirements to stakeholders
• Analyse, gather evidence and document compliance with ISO27001:2022, SOC 2 Type II, ISO27701, GDPR and other applicable regulatory and compliance frameworks
• Manage engagement with external Auditors for compliance audits
• Ensure policies and procedures remain relevant and are formally reviewed and approved on a regular basis
• Perform risk assessments and control gap analysis against policies and procedures
• Run and evolve the vendor risk assessment process
• Respond to client security risk assessment questionnaires
• Maintain the Cyble Trust Portal
• Support coordination for closure of identified gaps
• Maintain the organization’s GRC software solution and ensure data remains current
• Promote security education and awareness across the organization

What You’ll Need:

• Bachelor’s degree in business, computer science, information systems, engineering, or a related discipline

• 6+  years of experience in information security, governance, IT audit, or information technology risk management

• Experience with risk assessments and compliance to regulatory / compliance initiatives

• Experience with cyber security and information security program management

• Self-motivated and results-oriented, agile mindset, with excellent interpersonal and communication skills

• Prior experience working with startups in a dynamic environment and SaaS companies would be an added advantage

  Certifications (desirable, but not mandatory)

• CISSP

• CISM

• AWS / Azure /GCP security certification (any)

• GRC Certification (any