HakTrak
Senior GRC & Cybersecurity Consultant Jobs in Saudi Arabia
Job Descriptions
· Develop and participate in the implementation of client initiatives focused on the reduction of technology risk, governance and compliance with policies and external regulatory compliance.
· Evaluating business and IT risks
· Developing IT security standards, procedures, and controls to manage risks.
· Improve client’s security positioning through process improvement, policy, automation, and the continuous evolution of capabilities.
· Evaluate information security threats and their impact on client’s IT environment.
· Supporting the Senior team members, assisting with the analysis of requirements and design of clients’ information security posture, as well as Legal, Regulatory and Scheme security requirements.
· Lead the delivery of work streams for clients in compliance standards such as PCI DSS, ISO27001, ISO22301 and EU GDPR.
· Performing and investigating internal and external information security risk and exceptions assessments. Assessing incidents, vulnerability management, scans, patching status, secure baselines, penetration test results, phishing, and social engineering tests and attacks.
· Documenting and reporting control failures and gaps to stakeholders.
· Provides remediation guidance and prepares management reports to track remediation activities.
· Staying up to date with the leading best practices and technology and acting as a technical resource for security assessment and regulatory compliance.
· Performing other related duties as assigned from time to time based on the business requirements.
· Presentation skills and analytical skills to suggest business continuity solutions.
Qualification and skills:
· 10+ Years’ experience in IT Governance, Risk & Compliance
· Understanding of PCI DSS, ITIL, ITSM, and COBIT standards preferred
· Experience with risk management principles and associated methodologies
· Ideally will have a CEH, CISSP, CISA or CISM qualification.
· Proven ability to make sound pragmatic decisions and judgements under tight timelines.
· Strong interpersonal and influencing skills with the ability to influence and drive change in a collaborative way both internally and externally.
IT Certifications Audit Certifications
· Certified Information Systems Auditor, CISA
· Certified ISO 27001, ISMS Lead Implementer
· Certified ISO 27001, ISMS Lead Auditor
· Certified ISO 22301, BCMS Lead Auditor
· Certified ISO 9001 Internal Auditor/IRCA