
GRC Consultant
- Riyadh
- Permanent
- Full-time
The job is to lead information security Governance, Risk Management and Compliance engagements for Jafeer customers.
Responsibilities:
- Lead/Participate in various IT Risk Management & Business continuity initiatives.
- Ensure that requirements in IT Audit, Standard, Policy, Compliance and Risk controls are met.
- Provide GRC consultancy and best practices to business teams
- Conduct interviews and process walkthroughs with select personnel, and document and assess business processes and information systems to determine the adequacy of the control environment.
- Demonstrate strong IT auditing skills based on industry best practices and regulations.
Demonstrates understanding and use of basic project management methodologies.
Ability to document and explain technical details in a concise, understandable manner.
Highly organized, able to multi-task and manage concurrent deadlines, and able to contribute effectively to and lead working groups.
Ability to successfully interface with clients (internal and external)
Excellent communication skills
Technical Skills:
- Prior hands-on technical working experience in at least 2 of the domains: NCA-ECC, ISO27K, Cloud Services, NIST, PCI DSS, BCP/DR/Crisis Management.
- Relevant experience in IT Risk & Compliance
- Knowledge in Risk Management (exposure to GRC tools is preferred)
- Experience in assessing, developing and deploying security policies, procedures and standards.
- Some technical experience to understand and communicate effectively with development and operation teams.
- Strong written Arabic & English and verbal communication skills.
- Ability to effectively communicate and obtain buy-in at all levels of the organization and with internal stakeholders across the business
- Project management experience is a plus
- ISO27K lead implementer/Auditor, CISA, CISM, CRISC, CISSP, PMP or similar certificates are a plus
Education:
- Bachelor's degree in Computer Science, Software Engineering, or a related field.