Job Description
- Maintain a deep knowledge of the risk mitigation principles and techniques of international risk and security standards in order to manage compliance with such standards and regulations, including ISO 27001, ISO 27005, NIST, PCI/DSS, and other frameworks.
- Conduct technical risk assessments and collaborate/communicate in a simple, clear, and concise manner to the various communities within our organization.
- Develop the required Information Security controls and policies to support the organization's governance and compliance objectives.
- Assist with analysis and documentation of audit remediation actions related to Information Security.
- Drive development of use cases and business requirements in close partnership with cross-functional stakeholders (GRC, Security, Privacy, Audit, Compliance, etc.) to fulfill all applicable solution needs.
- Employ business analysis and solution skills to interpret business requirements/impacts to ensure the optimal tooling strategies are identified, designed and implemented to meet business needs.
- Review the technical design and SDLC documentation with the technical experts to assure that controls and policies are implemented.
- Provide guidance and share best practices for design and implementation of the GRC platforms.
- Ensure partnership with different teams for Proactive Compliance Risk Management - identification, assessment, risk action planning, and closures.
- Conduct employee awareness activities, assist in developing training materials and, where necessary, assist in specific training.
Job Requirements
- Minimum of a bachelor's degree or equivalent in information technology, computer science or related field.
- The ability to work across multiple frameworks and regulatory standards including, but not limited to: NIST, PCI, ISO, and GDPR.
- Experience with information security frameworks and standards as well as risk management processes is a must.
- Experience performing information security audit processes or risk assessments.
- Expertise with security policy development, deployment, and adoption acceleration.
- Holding any of these certifications: CISSP, CISM, CRISC, CCISO.
- Minimum 5 years of relevant experience.
- Languages:
  - English: Excellent command (speaking, reading and writing).
  - Arabic: Native command (speaking, reading and writing).