GRC Consultant

Job Description

Experience      :           5-8 Year

Qualification  :           Graduate in Computer Science, IT, Electronics & Communication or Information Security or Cyber Security or MCA

Preferred Certifications: ISO27001, ISO 31000, ISO 22301, CISA, CISM, CRISC, CISSP

Professional Scope of work (JD): 

1. End to end implementation of information security management system (ISMS).
2. Good grip on ISO 27001, ISO 22301, NCA ECC, NCA CCC, CMA and SAMA framework.
3. Conduct risk assessment of web applications, mobile applications, thick clients, network, processes, business logics, etc.
4. Experience in reviewing design documents, application architecture, network architecture.
5. Develop threat model.
6. Develop risk management framework and methodologies.
7. Experience in writing IS Policies, Standards and Procedures.
8. Implementing Role based access model. Performing user access assessments.
9. Closely work with client CISOs to deliver the assessment work and reports.
10. Closely work with different stakeholders to understand their business requirements and problem statements and prepare reports accordingly.
11. Conduct quality review of project work.
12. Manage project lifecycle to ensure project is delivered as per SOW and agreed timeline and profitability.
13. Closely work with PMO on resource utilization, practice competency development.
14. Conducting meetings with different stakeholders, prepare MOMs and prepare assessment reports.
15. Must have good report writing skills.

Preferred Criteria:

• Banking experience
• Transferable Iqama,
• Saudi Driving License, and familiarization with KSA job culture,

Response with the following:

Expected joining date:

Current salary package:

Expected Salary package: