Role Purpose
To ensure that the organization’s cybersecurity operations meet regulatory and compliance standards by developing, monitoring, and maintaining policies and procedures. This role supports audits, manages compliance-related risks, and drives continuous improvement in cybersecurity governance across IT and CNS systems, aligned with KPIs, budgets, and adopted policies.
Key Accountability Areas
Key Activities
Compliance Management and Audits
- Support compliance efforts by ensuring the organization meets regulatory requirements such as NCA, NIST, ISO, and ICAO.
- Monitor the organization’s compliance status, identifying gaps, and coordinating with relevant teams to resolve them.
- Assist with internal and external audits by coordinating responses and follow-up actions to meet compliance timelines.
Policy Assistance and Governance Support
- Assist the Cybersecurity Directorate in creating policies by providing input and aligning with operational needs.
- Ensure that cybersecurity processes, procedures, and manuals align with policies and compliance requirements.
- Monitor policy implementation and provide support to teams for resolving non-compliance issues.
Process, Procedures, and Manuals Development
- Develop, document, and maintain cybersecurity processes, procedures, and operational manuals.
- Collaborate with relevant teams to ensure processes are practical and well-integrated across IT, CNS, and cybersecurity operations.
- Continuously improve processes, procedures, and manuals based on best practices and evolving business needs.
Training and Awareness Support
- Support training programs by providing guidance on compliance-related processes and procedures.
- Assist in communicating updates on compliance requirements to ensure organizational awareness.
- Promote cybersecurity awareness initiatives to ensure teams are familiar with relevant processes and compliance standards.
Compliance Risk Management and Reporting
- Identify and maintain compliance-related risks within the organization’s cybersecurity operations.
- Ensure incident management processes align with compliance requirements, including timely reporting and resolution.
- Provide input to the risk management framework to address compliance risks effectively.
Policies, Processes and
Procedures
- Support in monitoring day-to-day activities to ensure compliance with stipulated policies and procedures
- Contribute to the identification of opportunities for continuous improvement of systems and processes taking into account leading practices, changes in business environment, cost reduction and productivity improvement
Knowledge and Experience
- Minimum 6 years of experience in cybersecurity compliance, process management, GRC, management systems, or a related field.
Education and Certifications
- A bachelor’s degree in computer science, Cybersecurity, Computer Engineering, Information Technology, or a related discipline is required.
- Minimum one certifications is required for Specialist , in Network Security tools, System Security tools, Project Management, or Performance Management tools .
