Director, Cyber Risk & Compliance

About NopalCyber

NopalCyber makes cybersecurity manageable, affordable, reliable, and powerful for companies that need to be resilient and compliant. Through Managed Extended Detection and Response (MXDR), Attack Surface Management (ASM), Breach and Attack Simulation (BAS), and Advisory Services, we fortify our clients’ cybersecurity across both offense and defence.

Our AI-driven Nopal360° platform, NopalGo mobile app, and proprietary Cyber Intelligence Quotient (CIQ) enable organizations to quantify, track, and visualize their cybersecurity posture in real time. We democratize enterprise-grade security operations for organizations of all sizes by lowering the barrier to entry while raising the bar for security and service.

As the Vice President – Advisory, you will lead and expand NopalCyber’s Governance, Risk, and Compliance (GRC) and cybersecurity advisory practice. You will serve as a trusted advisor to CXO-level clients, shaping strategies that enable resilience, risk optimization, and regulatory alignment. This role combines deep GRC expertise with strategic leadership to address evolving areas such as cloud, data privacy, and AI security governance, ensuring clients stay ahead of emerging compliance and threat landscapes.

Key Responsibilities :

• Provide strategic leadership for all Governance, Risk, and Compliance (GRC) and cybersecurity advisory engagements across global clients.
• Define and execute the vision, strategy, and roadmap for NopalCyber’s Advisory practice in alignment with business objectives.
• Serve as the executive subject matter expert (SME) in information and cybersecurity governance, risk management, compliance frameworks, and regulatory alignment.
• Oversee and guide enterprise security assessments of on-premises and cloud IT assets, ensuring robust methodologies and consistent quality delivery.
• Govern the design and validation of security control testing programs, posture assessment models, and reporting frameworks.
• Ensure advisory programs are aligned with regulatory mandates including Digital Personal Data Protection Act, 2023, ISO 27001, GDPR, SOC 2, PCI DSS, and NIST frameworks.
• Drive innovation in the use of GRC and automation tools, optimizing delivery through analytics and AI-driven insights.
• Provide strategic oversight of AI security and governance, including risk management of AI models, ethical use of AI in compliance contexts, and adherence to emerging AI regulations.
• Provide executive direction for security risk management, third-party risk management (TPRM), and assurance programs.
• Lead client engagement and relationship management with senior stakeholders, ensuring strategic alignment and satisfaction.
• Partner with business development teams to support sales pursuits, proposals, and new offering development.
• Build and nurture a high-performing Advisory team, providing mentoring, coaching, and professional development.
• Promote thought leadership by participating in forums, industry events, and internal knowledge-sharing platforms.
• Lead practice governance, performance metrics, and continuous improvement to drive consistency and efficiency.
• Collaborate cross-functionally with SOC, Pre-sales, and Delivery leaders to ensure integrated client engagement and service delivery.
• Continuously update and align the enterprise cybersecurity strategy to emerging technologies, threats, and compliance requirements, including AI-driven risk frameworks.

Job Specifications : 1. Qualification :

2. Experience :

3. Desired Skills :

Personal Attributes :