About the Role: We are looking for an IT Security Governance Officer to establish and manage information security governance frameworks within a government environment. The role ensures compliance with national cybersecurity regulations, government policies, and international standards while supporting risk management, audits, and secure digital service delivery.
Key Responsibilities: Develop and maintain information security policies, standards, and procedures aligned with government requirements. Ensure compliance with national cybersecurity regulations, data protection laws, and government directives. Align security governance with ISO 27001, NIST, COBIT, and relevant government standards. Conduct information security risk assessments and support risk treatment plans. Monitor compliance of security controls across systems and entities. Coordinate internal/external audits, regulatory reviews, and compliance assessments. Track security risks, exceptions, and remediation actions. Support cybersecurity incident governance, reporting, and post-incident reviews. Review third-party and vendor security compliance for government contracts. Ensure enforcement of data classification, access control, and information handling policies. Support cybersecurity awareness programs and mandatory training initiatives. Prepare governance reports, dashboards, and compliance submissions for senior management. Collaborate with legal, compliance, IT, and national cybersecurity authorities.
Required Skills & Experience: Strong knowledge of government cybersecurity governance and regulatory frameworks. Experience in public sector IT compliance, risk management, and audit coordination. Knowledge of ISO 27001, NIST, COBIT, and security governance frameworks. Strong risk assessment, compliance monitoring, and audit support skills. Strong documentation, reporting, and policy writing abilities. Ability to communicate security risks in a clear, executive-friendly manner. High integrity and ability to handle confidential information.
Qualifications: Bachelor’s degree in Information Security, Computer Science, IT, or related field. 4–7 years of experience in information security governance, risk, or compliance (public sector preferred).
Certifications (Preferred): CISM, CISSP, ISO 27001 Lead Implementer / Lead Auditor, CRISC