Consultant - Data Governance and Compliance

• Consultant - Data Governance and Compliance is responsible for developing and applying policies and procedures that ensure full compliance with data protection requirements.
• Ensuring that projects adhere to applicable laws, regulations, and internal governance standards, helping to improve the organization's cybersecurity posture.
• Responsible for establishing, implementing, and monitoring data governance and cybersecurity compliance frameworks
• Ensures that enterprise systems, data assets, and project deliverables meet regulatory, security, and privacy requirements through proactive risk identification, control implementation, and continuous compliance validation.

• Provide strategic and tactical guidance on Cybersecurity and Data Governance.
• Develop and enforce security policies, standards, and procedures aligned with business and regulatory requirements.
• Report to management on the effectiveness of the Cyber Security and data governance program, including policy violations, Security risks, and progress of all Security-related remedial actions and metrics
• Identify opportunities and gaps to improve Cyber Security and Data Governance posture, procedures, and methodologies.
• Ensure compliance with internal policies, procedures, and quality standards.
• Participate in the development and implementation of Cyber Security and Data Governance plans in accordance with corporate objectives.
• Develop and implement an effective policy compliance monitoring and enforcement program.
• Evaluate cybersecurity and data protection controls for information systems during the requirements, acquisition, development, and testing phases to ensure compliance with the organization's policies, standards, and procedures.
• Conduct post-implementation reviews of systems to determine whether project deliverables, controls, and the organization's requirements are met.
• Coordinate with the Cybersecurity incident response team and oversee investigations.
• Assist in risk mitigation efforts and evaluate residual risk & developing solutions for remediating the risk.
• Manage and coordinate the use of external third-party resources involved in developing, implementing, and monitoring the information security program
• Identify and assess vulnerabilities in existing cybersecurity and data protection tools.
• Advise the SOC team on operational security measures and incident response.
• Oversee the network Security standardization in the multi-vendor environments aligned with international standards.

• Bachelor's degree in computer science, Telecommunications, Information Security, or Electrical/Electronics Engineering. A master's degree is a plus.
• Minimum of 10+ years of hands-on experience in data privacy, information security, and compliance, with a strong focus on governance frameworks and regulatory alignment.
• Minimum of 3+ years of direct experience in Telecom and Network Security.
• Strong understanding of information security standards and frameworks and compliance requirements.
• Added advantage to have experience in developing and implementing security controls across enterprise IT systems, networks, and cloud environments.
• Proficiency in risk assessment methodologies, data classification models, and policy enforcement mechanisms.
• Knowledge of incident tracking security tool technologies (Eg: SIEM)
• Experience with compliance auditing tools, vulnerability scanning, and penetration testing coordination.
• Proven ability to develop and present high-quality technical presentations for executive and senior management, using Microsoft PowerPoint to communicate cybersecurity risks, compliance posture, and strategic roadmaps.
• Strong documentation skills with proficiency in Microsoft Office Suite.
• Relevant certifications on Cyber Security, such as Security+ or CEH advantageous or Certified Data Privacy Professional (CDPP) or equivalent
• Excellent verbal and written communication skills in English; Arabic is a plus.

Norconsult Telematics