Cyber Risk Manager

The Cyber Risk Manager guides the assessment of information and cyber risks associated with technology initiatives and provides recommendations on control requirements by risk policy and standards. He/She manages and coordinates responses to regulatory inquiries, inspections and audits, and ensures cyber security standards and policies are established and implemented. He oversees the development of reports and implements policies and standards. He manages employees and is held accountable for the performance and results of a team. He provides guidance on security measures and protocols to stakeholders. He is familiar with cyber security standards, protocols and frameworks, and ensures the organization’s compliance with the Cyber Security Act 2018. He is knowledgeable in using various cyber security monitoring and analysis tools and techniques depending on the organization's needs and requirements. He also has expertise in cyber risk mitigation strategies and protocols. The Cyber Risk Manager has a sharp, analytical mind and is able to anticipate problems and risks to mitigate them ahead of time. He is an excellent communicator who works well with others and promotes a cooperative working environment and relationships within and beyond his team.

Skills and Competencies

Technical Skills & Competencies

Audit and Compliance
Proficiency Level
"Develop and enhance compliance processes based on an evaluation of gaps in business and IT operations"
4
Budgeting
Proficiency Level
"Develop long-term financial plans and budget requirements"
5
Business Needs Analysis
Proficiency Level
"Investigate existing business processes, evaluate requirements and define the scope for recommended solutions and programs"
4
Business Performance Management
Proficiency Level
"Formulate organizational performance systems and key performance indicators in alignment with organization’s vision, mission and values"
5
Cyber and Data Breach Incident Management
Proficiency Level
"Develop incident management procedures and synthesize incident-related analyses to distill key insights, resolve incidents and establish mitigating and preventive solutions"
4

Generic Skills & Competencies

Computational Thinking
Proficiency Level
Develop and create computational models, tools and techniques to implement new solutions and apply to other problems.
Advanced
Digital Literacy
Proficiency Level
Use available software features to enhance documents, analyse and manipulate data and use ICT to organize, share and communicate information clearly and coherently.
Advanced
Global Mindset
Proficiency Level
Build the organisation’s capabilities to compete in a global environment. Manage tension between corporate requirements, global and cultural differences.
Advanced
Sense Making
Proficiency Level
Analyse data relationships, patterns and trends to gain important insights and make informed decisions.
Advanced
Creative Thinking
Proficiency Level
Create original applications or ideas to reveal new possibilities and reshape goals through high level of innovativeness.
Advanced

Critical Work Functions and Key Tasks

Implement cyber security risk strategy

• Manage the strategic development and improvement of risk frameworks, methodologies and requirements
• Recommend strategies to address key risk areas in cyber security 
• Assess business needs against cyber security concerns and legal and/or regulatory requirements 
• Anticipate internal and external business challenges and legal or regulatory issues 
• Provide strategic risk guidance to stakeholders in the implementation and execution of cyber risk strategies across the organization

Establish cyber security standards and policies

• Formulate governance procedures for documenting and updating security policy, standards, guidelines and procedures
• Plan the implementation of information systems and cyber security policies 
• Develop the organization’s Cyber Risk Maturity model 
• Develop policies and frameworks for conducting cyber security risk assessments and compliance audits 

Manage cyber risks and assessments

• Advise the development of techniques and procedures for the conduct of cyber risk assessments 
• Develop plans for cyber risk assessment activities across the organisation
• Coordinate the on-going cyber risk assessment activities across the organisation
• Provide strategic and technical recommendations following identification of vulnerabilities in operating systems
• Incorporate emerging security and risk management trends, issues, and alerts into risk assessment framework
• Develop cyber risk mitigation strategies and policies for the organization

Develop cyber risk documentation

• Oversee the development of documentation on methodologies and tools to mitigate cyber risks 
• Establish guidelines for reporting outcome of cyber risk assessments 
• Oversee the development of internal threat awareness reports 
• Present threat awareness reports to technical and non-technical staff 

Mitigate cyber security risks

• Develop programmes and initiatives to strengthen the capability of the organization to mitigate risks
• Oversee the planning and conduct of organizational cyber security exercises 
• Act as a subject matter expert in cyber security incident and breach investigations and post-breach remediation work
• Propose procedures to prevent future incidents and improve cyber security 
• Monitor the maintenance of the cyber security operations training plans for all security staff 
• Manage responses to regulatory inquiries, inspections or audits
