Technical Cybersecurity Risk Manager

Full-time \| Immediate Joiner Required

About the Role

Key Responsibilities

• Risk Framework Development: Lead the design, development, and implementation of enterprise-wide cybersecurity risk management frameworks aligned with ISO, NIST, and Middle East regulatory standards.
• Operationalize Risk Programs: Drive the end-to-end lifecycle of risk frameworks including governance models, process playbooks, and tooling integration for continuous risk assessment.
• Technical Risk Assessments: Conduct, lead, and oversee complex technical risk assessments across AI/ML systems, multi-cloud
• (AWS, Azure, GCP), hybrid environments, and DevOps/SecOps pipelines.
• Security Architecture & Engineering: Leverage prior experience in technical security roles to assess system architectures, security designs, threat models, and risk implications for emerging technologies.
• GRC Program Management: Manage regulatory, compliance, and audit obligations, coordinating across InfoSec, DevOps, Engineering, and Legal functions to maintain cybersecurity posture.
• Stakeholder Engagement: Lead client-facing discussions, executive presentations, and board-level briefings with high-quality written deliverables and stakeholder confidence.
• Tooling & Automation Advisory: Advise on and help integrate risk and GRC tools including Archer, ServiceNow GRC, or custom GRC systems within existing CI/CD environments.

Required Qualifications & Experience

• Experience:
• o 8 to 12 years in cybersecurity with a minimum of 3 years in risk/GRC leadership roles.
• o Prior roles in security engineering, security operations, or architecture are mandatory.
• o Experience working with Big Four consulting firms (EY, KPMG, Deloitte, PwC) in India or the Middle East.
• o Proven track record in leading end-to-end GRC or Risk Management projects independently.
• Certifications (Mandatory):

o ISO 27001 Lead Implementer/Auditor

• Technical Proficiency:
• o Deep understanding of multi-cloud environments (AWS, Azure, GCP)
• o Knowledge of AI/ML pipeline security, MLOps governance, and data protection
• o Experience with DevSecOps, Container Security (Kubernetes, Docker), CI/CD security practices
• Soft Skills:
• o Excellent communication and technical writing skills
• o Strong client-facing and stakeholder management experience
• o Proactive leadership with ability to manage ambiguity and scale programs

Preferred Background

• Exposure to regulatory environments in the Middle East (NCA, SAMA, TRA, ADGM, DIFC, etc.)
• Experience in developing risk registers, RACI matrices, and automated risk workflows
• Familiarity with emerging GRC technologies and ontology-based reasoning models is a plus

Why Join Us

• Work in an AI-centric cybersecurity company tackling the most advanced risk problems
• Collaborate with a team of innovators, architects, and researchers
• Enjoy the flexibility of remote work with opportunities to travel for key client engagements
• Be part of a company that is defining the future of cognitive GRC and risk intelligence