Position Overview
We are seeking an experienced Information Security Consultant specializing in Governance, Risk, and Compliance (GRC). In this strategic role, you will implement advanced GRC frameworks, ensure compliance with UAE market standards, and drive innovation in cybersecurity. You will also play a pivotal role in increasing compliance levels across various organizations and ensuring robust adherence to regulatory requirements. Experience in the public sector is highly desirable.
Key Responsibilities
Governance
Design and implement governance frameworks, policies, and procedures aligned with cybersecurity standards.
Optimize organizational structures and develop cybersecurity operating models tailored to client needs.
Provide strategic guidance to stakeholders, ensuring alignment with business goals.
Risk Management
Conduct risk assessments, identify vulnerabilities, and implement mitigation strategies.
Ensure compliance with regulatory frameworks such as NESA, ISO 31000, and NIST SP 800-37.
Collaborate across teams to assess and manage organizational risks.
Compliance
Develop and maintain compliance programs aligned with standards such as GDPR, HIPAA, and PCI DSS.
Demonstrate proven expertise in increasing compliance levels across various organizations.
Support regulatory audits and compliance reviews with robust documentation.
Ensure adherence to UAE-specific cybersecurity regulations.
Public Sector Engagement
Leverage experience working with public sector organizations to navigate their unique cybersecurity and compliance requirements.
Research and Innovation
Stay current on emerging security trends and technologies.
Propose innovative solutions to enhance client security postures.
Qualifications
Bachelor’s degree in Computer Science, Information Security, or a related field.
A minimum of 8 years of experience in cybersecurity, with a focus on GRC.
Demonstrated success in increasing compliance levels across diverse organizations.
Experience working with public sector organizations is highly desirable.
Expertise in frameworks such as ISO 27001, NESA, and NIST.
Proficiency in network security tools (e.g., firewalls, IDS/IPS).
Certifications like CISSP or CISA are highly desirable.
This is a part-time role, and Big 4 consulting experience is preferred.