IT Security C&T is an innovative, fast-growing security consulting and training company. Our management team combined with our consultants and engineers work together to deliver comprehensive security solutions to our customers around the MENA region.
IT Security C&T is continuously expanding its team of qualified professionals for a wide range of opportunities. Interested candidates are required to apply via our Career webpage on our website (www.itsecurityct.com)
- Develop and maintain cybersecurity governance, risk management, and compliance frameworks, strategies, and practices.
- Collaborate with cross-functional teams to identify and assess cybersecurity risks and vulnerabilities.
- Conduct regular security assessments, risk assessments, and gap analyses to ensure compliance with industry standards, regulations, and best practices.
- Provide expert guidance in the development of policies, procedures, and controls to mitigate cybersecurity risks.
- Review and analyze security controls, processes, and technologies to identify and address any gaps or weaknesses.
- Monitor and evaluate emerging cyber threats and vulnerabilities
- recommend appropriate mitigation strategies.
- Stay abreast of changes in regulatory requirements, industry standards, and cybersecurity best practices to ensure ongoing compliance.
- Act as a subject matter expert and provide guidance to stakeholders, including management, on cybersecurity governance, risk management, and compliance matters.
- Conduct cybersecurity awareness and training programs for employees to promote a culture of security and compliance.
- Assist with incident response, investigations, and the recovery process, ensuring appropriate actions are taken to address and mitigate any security incidents.
- Bachelor’s degree in computer science, Information Technology, or a related field. Relevant professional certifications (e.g., CISSP, CISM, CRISC) are highly desirable.
- Minimum 1-2 years of Cybersecurity GRC Consultant experience
- Proven experience as a Cybersecurity GRC Consultant or in a similar role, with a strong focus on governance, risk management, and compliance.
- In-depth knowledge of cybersecurity frameworks and standards (e.g., NIST, ISO 27001, GDPR) and their practical implementation.
- Familiarity with security controls, technologies, and best practices across various domains, such as network security, application security, and data protection.
- Strong analytical and problem-solving skills, with the ability to assess risks, identify vulnerabilities, and develop effective mitigation strategies.
- Excellent communication and presentation skills, with the ability to convey complex cybersecurity concepts to stakeholders at all levels.
- Strong understanding of regulatory requirements relevant to National Cybersecurity Authority.
- Demonstrated commitment to ongoing professional development in the field of cybersecurity.
- Native Arabic speaker and professional in English language.
Similar Jobs
What We Do
IT Security C&T was incorporated in March 2011 with the vision to be the leading information security and technology risk management resource center in the Middle East and North African Region. We are specialized in the delivery of affordable high-end information security and technology risk management services that are hard to find within the region at the same cost.
Our team is formed by leading specialists in their field, with experience track records of 10 - 20 years serving at key locations within the MENA region and around the world. The mission is to use this accumulated experience, knowledge, and skills, to develop highly trained bilingual consultants and trainers who are able to deliver world-class services to clients within the region.
We provide information security consulting services that range from information security and risk management strategy development to technical penetration testing and digital forensics services aimed to enable customers at various verticals to understand business and technology threats and apply appropriate controls all within a framework of industry best practices based on international standards like ISO 27000, COBIT, and ISO 20000. See Consulting for more information.
The Information security training services are aimed to provide customers with the necessary skills and knowledge to apply information security best practices within their organizations and to allow IT professionals to develop a career path in information security and risk management. See Training for more information.
The information security solutions we provide are specialized integrated solutions that address customer’s complex requirement and provides the organization with state of the art information security controls to mitigate the enterprise risk. We partner with leading vendors and provide customized solutions to meet the increasing demand of our customers to holistically address their security risks. See Solutions for more information.
