Governance, Risk, and Compliance (GRC) - Develop and implement cybersecurity policies, standards, and procedures - Lead risk assessments and audits - Establish and maintain cybersecurity governance frameworks (e.g., ISO 27001, NIST, GDPR, SOC2, HIPAA, etc) - Conduct third-party​/​vendor risk assessments - Support audit readiness and regulatory reporting Cloud & Infrastructure Security - Define cloud security strategies and architecture (AWS, Azure, GCP) - Oversee secure cloud migrations and DevSecOps integration - Implement identity and access management (IAM) best practices - Conduct network and infrastructure hardening - Guide incident response planning and disaster recovery - Run Cyber Penetration Testing, Vulnerability Assessments, Mobile App testing, etc Security Awareness & Culture - Lead employee security awareness training programs - Conduct phishing simulation campaigns and follow-up coaching - Foster a security-conscious organizational culture - Guide executive leadership and board on cybersecurity strategy Security Operations & Monitoring - Evaluate and implement security tools for cyber defense, monitoring, incident response - Oversee threat detection, monitoring, and response activities - Review and optimize security incident response plans

Location

SGP