GRC Senior Consultant.

Company Description

We are entrepreneurs in disruptive technology, at Devoteam, we deliver innovative technology consulting for business. Digital Transformakers, we are 7,000+ professionals across EMEA dedicated to ensuring our clients win their digital battle. We improve business performance making their companies truly digital. We advise our clients and build IT infrastructure for digital, making sure people are along for the ride.
Devoteam Middle East, we are the region's leading consulting firm delivering innovative Business & Technology Consulting & Solutions. Our 14 years of existence anchored in technologies that enables our clients business to flourish, accordingly our focus is to help our clients' win the digital battle, adapted to our clients’ business challenges, with a unique consideration to its impact on their systems and structures.
To know more about us, please visit: www.devoteam.com

Job Description

•  Develop, implement, and maintain a robust cybersecurity governance, risk, and compliance framework in line with industry best practices and regulatory requirements.
• Proficient in various regulatory frameworks (ISO 27001,27005,22301,31000,27701,NCA ,SAMA,NIST and PCI DSS)
• Develop, implement, and maintain robust Data privacy and protection per NDMO, NCA, and ISO 27701 standards.
• Develop and enhance the cybersecurity Operating Model Framework, strategy, and roadmap, ensuring alignment with the company's corporate strategy, requirements, and applicable regulations.
• Gain expertise in various types of environments, whether they are on-premises or cloud-based.
• Gain expertise in designing and implementing security architecture.
• Work together with other stakeholders to link our cybersecurity Opective and privacy departments with GRC objectives.
• Maintain up-to-date knowledge of procedures and methods that serve to broaden team knowledge and industry expertise.
• Act as a key collaborator to the continuous improvement of the GRC function based on a thorough knowledge of contemporary Technology Governance, Risk & Compliance Management practices.

Qualifications

• Bachelor's degree in computer science, information security, or a related field
• Strong understanding of security concepts and principles
• Related Certification (CISM, CISSP, ISO/IEC 27001 Lead Auditor, ISO 31000 Risk Manager.. etc.)
• Excellent problem-solving and analytical skills
• Strong communication and teamwork skills
• Strong leadership skills
• Self and quick learning skills