Key Responsibilities:
User Access Management: Ensure proper access controls are in place to secure sensitive data.
Change Management: Handle changes in IT systems or processes while minimizing risks and disruptions.
Policy Development: Draft and implement policies/procedures aligned with organizational goals and compliance standards.
Knowledge of Standards and Compliance:
Must have a strong understanding of regulatory frameworks like:
ISO 27001: For Information Security Management Systems (ISMS).
PCI-DSS: For securing payment card information.
Work Location:
Willingness to work on-site in GCC countries (Saudi Arabia, Jordan, Oman, Egypt), implying potential travel and adaptability to diverse work cultures.
Educational and Certification Requirements:
Bachelor’s Degree in Computer Science/IT/InfoSec: This ensures foundational technical knowledge.
Preferred Certifications:
ISO 27k/CISA: Demonstrates understanding of security management and auditing.
CISSP/CISM: Highlights advanced knowledge of security and risk management.
Skills:
Experience Requirements:
3-6 years in GRC: Relevant experience in Governance (establishing frameworks), Risk (identifying, assessing, mitigating), and Compliance (adhering to regulatory standards).
Specialized Skills: Proficiency in risk assessment, auditing, and enterprise architecture review, which involve evaluating systems, processes, and risks.