We are looking to hire an Information Security GRC Specialist who will be responsible for supporting the Cybersecurity and Audit Function, to maintain and enhance the security posture for our client based in Dubai, which is one of the largest companies in the region.
The role sits within IT Strategy and Governance and reports directly to the Cybersecurity Manager.
This role is for an initial duration of 12 months.
Key responsibilities:
- Conduct periodic security assessments and reviews to identify potential vulnerabilities and risks within the entity.
- Develop and implement the entity-specific security KPIs to measure performance and identify areas for improvement.
- Maintain accurate and up-to-date records of security assessments, findings, and remediation actions.
- Monitor compliance with corporate security policies, standards, and regulations.
- Identify and report security risks and deviations from security requirements.
- Provide support for security awareness initiatives within the entity.
- Collaborate with cross-functional teams to ensure alignment with security objectives.
- Participate in security process improvement initiatives to enhance efficiency and effectiveness.
- Contribute to the development and implementation of quality assurance measures for security processes and controls.
- Support the identification and implementation of security best practices.
Key Performance Indicators:
Compliance Adherence Rate:
- Measures the percentage of compliance requirements met within the entity.
Security Compliance Reviews - Findings Closure Rate:
- Measures the percentage of security compliance review findings addressed and closed within a specified timeframe.
IT Risks Assessment and Treatment:
- New IT risk identification rate per asset. This provides a better understanding of the risk exposure per unit.
- Average time to complete a risk assessment. This metric focuses on efficiency and process improvement.
Central Dashboard for Cybersecurity and Audit:
- Number of integrated systems, and a measure of the dashboard's contribution to cybersecurity and audit effectiveness.
Knowledge, skills & experience:
- Experience in conducting security assessments and audits.
- Knowledge of compliance frameworks and regulations.
- Working experience with Power BI and MS Visio.
- Understanding of process improvement methodologies is preferred.
- Proficiency in risk assessment, evaluation, and mitigation techniques.
- Compliance Framework: In-depth knowledge of relevant regulatory frameworks (e.g., ISO 27001).
- Expertise in conducting security assessments.
- Understanding of IT governance frameworks and principles.
- Proficiency in using risk management software and tools.
- Ability to analyze complex data sets to identify trends and patterns.
- Strong problem-solving skills to address security challenges.
- Ability to make informed decisions based on available information.
- Effective communication skills to interact with diverse stakeholders.
- Ability to build and maintain relationships with stakeholders.
- Strong teamwork and collaboration skills.
- Ability to influence stakeholders to adopt security measures.
Availability:
- Preference will be given to candidates available immediately.
We are looking for a candidate who will be able to work in the United Arab Emirates. Please apply with your resume and remember to provide us with your contact details.
We will review your job application within 7 working days. Should your profile fit the requirements of the role, a consultant from Edari will be in touch with you to get a deeper understanding of your profile and to discuss the role in more detail and potential next steps.