JSC Bank of Georgia

Cybersecurity Risk Management Officer

JSC Bank of Georgia · Tbilisi, Georgia

Banking · 5,001-10,000 employees

6 d ago
Mid (2-5 yrs) Full-time Georgia
Log in to apply, save this posting, or score it against your profile with AI.

About the role

The officer is responsible for developing information security risk management processes and conducting security assessments for new and existing projects. They will manage third-party risks, develop mitigation plans, and report risk metrics to management.

What they look for

Information Security Risk Management Security Assessment Risk Mitigation Third Party Risk Management ISO 27001 NIST CSF Analytical Thinking Problem Solving Communication Teamwork GDPR Compliance KPI Measurement

Requirements

Candidates need at least 2 years of risk management experience and a degree in Information Security, IT, or Computer Science. Knowledge of ISO 27001 or NIST CSF is required, while CISM or CRISC certifications are considered an advantage.

Full description

JSC Bank of Georgia's Information Security Department announces an opening for the position of Cybersecurity Risk Management Officer.

About the Position: The Cybersecurity Risk Management Officer is responsible for developing the information security risk management processes within the bank. You will be involved in the security assessment of both existing and new projects and will work with various teams and third parties to protect the organization's critical information assets.

What you will do in this role:

  • Identify and assess information security risks.
  • Analyze business processes and IT systems from a security perspective.
  • Conduct security assessments for new and ongoing projects.
  • Manage and communicate risks associated with third parties.
  • Develop risk mitigation plans and security controls.
  • Participate in security awareness initiatives.
  • Prepare reports on information security risks for management.
  • Measure the effectiveness of the risk management program through KPIs and metrics.

What we expect from you:

  • A minimum of 2 years of experience in risk management.
  • Education in Information Security, IT, or Computer Science.
  • Practical knowledge of information security risk management.
  • Knowledge of ISO 27001, NIST CSF, or similar standards.
  • Analytical thinking and problem-solving skills.
  • Effective communication and teamwork experience.
  • CISM / CRISC certification is an advantage.
  • Knowledge of regulations and compliance requirements (GDPR, etc.) will be considered an advantage.

If you want to make a real impact on the organization's cybersecurity and work in a team with high standards - join us!

We are accepting applications until July 20, 2026!