Senior GRC Specialist

الوصف الوظيفي

You will develop Cybersecurity governance model & Cyber risk and compliance frameworks, conduct periodic and need based Cyber risk assessments, and perform compliance exercises to ensure the effectiveness of required security controls.

Client Details

A leading organisation in Abu Dhabi building a brand-new security function as part of the groups aim of internalising IT.

Description
Responsible for developing and managing the governance, risk management and compliance functions.Develop, maintain, and execute enterprise-wide Cybersecurity policies, standards, guidelines, processes, and frameworks in alignment with relevant regulatory requirements and industry standards.Develop cybersecurity strategy and manage cybersecurity gap analysis and maturity assessments.Develop and manage organization wide cybersecurity Training and Awareness Programs to cater audience from multiple domains and varying skillsets.Support development of Business Continuity policies and plans to ensure Cybersecurity requirements and action plans are fully covered.Develop Cybersecurity Risk Management framework in coordination with Enterprise Risk Management to ensure Cyber risks are appropriately addressed from mitigation and risk acceptance perspective.Manage all security risk assessment related activities for existing infrastructure and new projects/initiatives including but not limited to evaluating new threats and vulnerabilities, conducting risk assessments, preparing risk assessment reports and mitigation actions/plans, managing, and maintaining Risk Register.Conduct and manage periodic Cybersecurity reviews and audits and ensure compliance to the Cybersecurity standards, regulatory requirements, policies, etc.Manage periodic external and internal penetration tests and ensure corrective actions and mitigations are implemented when necessary.Reviewing classification schemes, define standards for labelling information assets, identify appropriate controls for each classification and define rules for sharing sensitive information. for proper data and information protection

Profile
Bachelor’s degree in Cybersecurity, Computer Engineering, Computer Science, Enterprise/Information Technology, Information Systems, or related fieldMust have at least one of the following certifications: CISA, CISSP, CRISC, and CISM.Minimum of 10 years of practical experience in implementing Cyber and Information Security standards or developing Cyber and Information Security processesExperience in conducting gap and maturity assessments and developing strategies.Experience in developing Cybersecurity polices, standards, guidelines and operating models.Experience of Threat Modelling and Impact/Likelihood assessmentsExperience of assessment of Threat, Vulnerability management related risksExperience in compliance assessmentsExperience of standard change control processes, risk assessment and transition in a Dev Ops environment.

Job Offer
Competitive salary with family benefits such as schooling assistance on offer for the right candidate.

المهارات
Governance, Risk, Compliance
تفاصيل الوظيفة
منطقة الوظيفة أبو ظبي, الإمارات العربية المتحدة
قطاع الشركة خدمات تكنولوجيا المعلومات
طبيعة عمل الشركة شركة توظيف
الدور الوظيفي تكنولوجيا المعلومات
نوع التوظيف دوام كامل
الراتب الشهري $7,000 - $8,000
عدد الوظائف الشاغرة 1
المرشح المفضل
المستوى المهني إدارة

https://www.bayt.com/ar/uae/jobs/senior-grc-specialist-4508847/