GRC Consultant

GRC Consultant

الوصف الوظيفي

Should be currently in the UAE

willing to work for 6 months contract – extendable

PRIMARY DUTIES & RESPONSIBLITIES:

• Develop and participate in implementation of ISO 27001:2013 initiatives
• Implement and drive activities related to technology risk reduction, governance and compliance to policies and external regulatory compliance.
• Evaluate IT risks and develop risk mitigation strategies, and corrective actions.
• Provide recommendations to improve organizational security posture through process improvement, policy automation and continuous evolution of capabilities.
• Document and report on security gaps and provide remediation guidance, prepare management reports, track remediation activities.
• Conduct risk and exception assessments by assessing multiple inputs from internal/external sources
• Conduct due diligence assessments on third party vendors using supply chain risk management practices.
• Implement effective processes within the GRC function to automate and continuously monitor information security controls, exceptions, risks reporting metrics, dashboards and evidence artifacts.
• Interviewing various stakeholders across the organization to determine security controls implementation and effectiveness by collecting and analyzing evidence and documenting findings and tracking to closure.

KEY SKILLS

• Ability to conduct risk assessments on IT systems
• Deep Knowledge of risk assessment methodologies, cyber security operations and InfoSec business processes
• Experience of working on GRC technology enabled risk and compliance transformation programs required
• Advanced proficiency in MS Office suite specifically Excel
• Knowledge of Security best practice, methodologies, systems and third party providers
• Proficiency in the English language,

EXPERIENCE

• Minimum 8-12 years of experience in Governance Risk and Compliance (InfoSec)
• Experience in UAE or Middle East is desirable
• Experience in deployment of GRC tools for a large enterprise
• Experience implementing security controls such as ISO 27002, UAE IA, NIST controls
• Proficient in conducting IT risk assessment

EDUCATION

• Degree level qualification, preferably Bachelors or comparable, with strong emphasis in Management Information Systems (MIS), Computer Science, Governance, or a related field

المهارات

ISO 27001:2013

GRC

CRISC Certification

تفاصيل الوظيفة

منطقة الوظيفة

أبو ظبي, الإمارات العربية المتحدة

قطاع الشركة

الخدمات العسكرية

طبيعة عمل الشركة

شركة توظيف

الدور الوظيفي

تكنولوجيا المعلومات

نوع التوظيف

دوام كامل

الراتب الشهري

$7,000 – $8,000

عدد الوظائف الشاغرة

1

للتقدم على الوظيفة