مدير الحوكمة

Job Overview This role is conducted within the vision, mission, and strategic plan of the Insurance Authority The Manager of Governance serves as the organisation’s focal point for cybersecurity governance, risk, and compliance, ensuring controls meet ISO 27001, NCA ECC, and internal mandates Reporting to the Director of Cybersecurity Governance, this role will orchestrate policy lifecycle management, risk oversight, and assurance activities that protect regulatory standing and operational resilience By consolidating evidence, steering remediation, and producing executive dashboards, the incumbent delivers transparent insights that drive informed decisions and prompt escalation of material exposures The position continuously refines governance processes through root-cause analysis, automation, and collaboration, fostering a culture of proactive risk management and sustained cybersecurity maturity Responsibilities and Tasks Administer the complete life-cycle of information-security policies, standards, and procedures, ensuring approved documents are published, version-controlled, and communicated to all relevant stakeholders. Coordinate annual policy refresh workshops with process owners and integrate approved updates into the Governance document repository. Track and log policy exceptions, extensions, and waivers, ensuring that each is supported by risk acceptance documentation and approved by the designated authority. Execute the quarterly controls-testing calendar and collect evidence to demonstrate alignment with ISO 27001, NCA ECC, and internal control baselines. Prepare concise compliance dashboards and KPI packs for review by the Manager of Governance, highlighting remediation progress and overdue actions. Support external and internal auditors by scheduling interviews, retrieving artefacts, and resolving evidence gaps in a timely manner. Maintain the divisional risk register in the GRC platform, ensuring that all identified risks, controls, and treatment plans are current, accurately scored, and properly linked. Monitor open control deficiencies, chase action owners for updates, and escalate material delays or residual-risk increases to the Manager of Governance. Analyse recurring audit findings and propose preventive improvements to process owners, leveraging root-cause analysis and lessons-learned sessions. Document standard operating procedures (SOPs) for routine governance activities and ensure they are reviewed and endorsed at least annually. Leverage process-automation or dashboarding tools, in collaboration with the Cybersecurity Data Science team, to streamline evidence collection and reporting cycles. Provide day-to-day advisory support to business units on governance requirements, control implementation guidance, and policy interpretation. Collaborate with the Specialist of Governance and the Cybersecurity Risk team to align risk treatment plans and share best practices across the broader GRC job family. Manage/Own departmental strategic planning, budgeting, staffing, and workforce management to ensure cohesive and efficient Governance operations aligned with IA’s strategic framework. Perform other job duties as assigned