GRC Consultant

Experience: 5 to 10 years
Location: Riyadh
Job code: 100577
Posted on: Jan 11, 2023
Job Description:

- Conducting Information Security Governance, Risk & Compliance (GRC) consulting projects for customers across the globe using various standards (PCI-DSS, ISO 27001, NIST CSF, COBIT, etc.)
- Defining the risk management methodology supported by a threat-vulnerability assessment in collaboration with key stakeholders within the organization
- Defining, documenting, implementing, and refining information security management frameworks within client organizations. The documentation may include information security strategy, IS policies, procedures, standards, SOPs, forms, templates, etc.
- Conducting comprehensive risk assessments in close coordination with internal and external stakeholders
- Assisting in implementation/maintenance of information security policies and procedures in compliance with governance, legal, contractual, or internal requirements
- Conducting information security awareness programs with the objective of increasing the information security awareness of staff and management on the latest information security threats and vulnerabilities through innovative ideas and initiatives
- Managing the assigned team, project management & delivery management
- Training the internal team on GRC & Risk Assessment
- Meeting prospective customers on presales meetings and/or specialized GRC and risk
- Information Security Governance, Business Continuity Management, Risk Management, Information Security Incident Management, etc.
- Should have conducted ISO 27001 gap assessments, PCI DSS gap assessments & other gap assessments against information security regulatory/statutory/compliance requirements
- Should have exposure to conducting banking Information Security audits
- Should be able to work in a diverse team and should be able to adapt to various challenging customer environments
- Should be results-oriented and able to deliver within pre-set deadlines
- Should value quality and client satisfaction
- Should possess very good communication skills (written/spoken English & presentation skills)
- Should be well versed with at least ISO 27001 & PCI-DSS
- Should have strong experience in conducting risk management and must have knowledge of various risk assessment methodologies
- Should have the capability to provide on-demand solutions pertaining to Governance & Risk management
