Cybersecurity GRC Consultant
We are seeking a highly skilled and experienced Cybersecurity GRC (Governance, Risk, and Compliance) Consultant to join our dynamic team. As a Cybersecurity GRC Consultant, you will be responsible for designing, implementing, and maintaining effective cybersecurity governance, risk management, and compliance strategies within our organization. You will collaborate with cross-functional teams, assess risks, develop policies and procedures, and ensure compliance with regulatory requirements. Your expertise in cybersecurity, compliance frameworks, and risk management practices will be indispensable in safeguarding our organization's assets and maintaining a secure environment.
Responsibilities
• Develop and maintain cybersecurity governance, risk management, and compliance frameworks, strategies, and practices.
• Collaborate with cross-functional teams to identify and assess cybersecurity risks and vulnerabilities.
• Conduct regular security assessments, risk assessments, and gap analyses to ensure compliance with industry standards, regulations, and best practices.
• Provide expert guidance in the development of policies, procedures, and controls to mitigate cybersecurity risks.
• Review and analyze security controls, processes, and technologies to identify and address any gaps or weaknesses.
• Monitor and evaluate emerging cyber threats and vulnerabilities Cybersecurity/GRC
• Recommend appropriate mitigation strategies.
• Stay abreast of changes in regulatory requirements, industry standards, and cybersecurity best practices to ensure ongoing compliance.
• Act as a subject matter expert and provide guidance to stakeholders, including management, on cybersecurity governance, risk management, and compliance matters.
• Conduct cybersecurity awareness and training programs for employees to promote a culture of security and compliance.
• Assist with incident response, investigations, and the recovery process, ensuring appropriate actions are taken to address and mitigate any security incidents.
Requirements
• Bachelor’s degree in computer science, Information Technology, or a related field. Relevant professional certifications (e.g., CISSP, CISM, CRISC) are highly desirable.
• Proven experience as a Cybersecurity GRC Consultant or in a similar role, with a strong focus on governance, risk management, and compliance.
• In-depth knowledge of cybersecurity frameworks and standards (e.g., NIST, ISO 27001, GDPR) and their practical implementation.
• Familiarity with security controls, technologies, and best practices across various domains, such as network security, application security, and data protection.
• Strong analytical and problem-solving skills, with the ability to assess risks, identify vulnerabilities, and develop effective mitigation strategies.
• Excellent communication and presentation skills, with the ability to convey complex cybersecurity concepts to stakeholders at all levels. Cybersecurity/GRC
• Strong understanding of regulatory requirements relevant to National Cybersecurity Authority.
• Ability to work effectively both independently and collaboratively in a fast-paced, dynamic environment.
• Demonstrated commitment to ongoing professional development in the field of cybersecurity.
• Native Arabic speaker and professional in English language