GRC Implementation Consultant

Al Reem Group

Posted on 19 March

Experience

3 - 10 years

Job location

Abu Dhabi - United Arab Emirates

Education

Bachelor of Science (Any)

Nationality

Any nationality

Gender

Not mentioned

Vacancies

1 vacancy

Job description

Roles and responsibilities

1. GRC Framework Implementation

Lead end-to-end implementation of GRC programs based on frameworks such as ISO 27001 and local regulations (e.g., UAE IA, TDRA, CSC, NCEMA).

Develop and deploy governance structures, policies, standards, and procedures.

Facilitate risk assessments (operational, IT, cybersecurity, vendor risk).

Map risks to controls and recommend risk treatment plans.

2. Compliance & Audit Management

Implement and monitor compliance programs to ensure adherence to regulatory and internal requirements.

Conduct control assessments, maturity assessments, and internal audits.

Support external audits by preparing evidence, documentation, and remediation plans.

Track non-conformities, CAPA (Corrective Actions), and compliance KPIs.

3. Risk Management Activities

Run enterprise, IT, cybersecurity, and vendor risk assessments.

Maintain and update the enterprise risk register.

Analyze threats, vulnerabilities, impact, and likelihood to calculate risk scores.

Provide recommendations to mitigate or optimize risks.

4. Resilience and Business Continuity

Design, implement, and maintain the Business Continuity Management System (BCMS), including Business Impact Analysis (BIA); Business Continuity & Recovery Planning; Crisis & Incident Management; Testing, Exercising & Maintenance; Training & Awareness; and Compliance, Audit & Assurance.

5. Stakeholder Engagement & Advisory

Conduct workshops, awareness sessions, and training for process owners.

Collaborate with IT, Business, HR, Legal, Operations, and external auditors.

Serve as a subject matter advisor on governance, cyber regulations, and best practices.

6. Documentation & Reporting

Prepare detailed project documentation, implementation plans, and status reports.

Develop SOPs, risk treatment plans, audit reports, and compliance dashboards.

Report risk posture, compliance gaps, KRIs, and KPIs to management.

7. Project Management

Manage the client engagement independently in terms of project plan, deliverables, and closure.

Desired candidate profile

Education

Bachelor's degree in Information Security, IT, Risk Management, or a related field.

Certifications (Mandatory)

ISO 27001 Lead Implementer or Lead Auditor

ISO 22301 Lead Implementer or Lead Auditor

Certifications (Preferred)

CRISC / CISM / CISSP

ISO 31000 (ERM)

Skills & Competencies

Strong knowledge of GRC frameworks and regulatory requirements.

Excellent documentation and presentation skills.

Strong analytical and problem-solving abilities.

Ability to manage multiple clients, stakeholders, and projects.

Experience conducting risk assessments and control design.

Understanding of cybersecurity, IT processes, and audit methodologies.

Experience Requirements

3-8 years of experience in GRC implementation or consulting.

Experience in implementing ISMS & BCMS on ISO 27001, ISO 22301, UAE IA, NCEMA or equivalent frameworks.

Practical experience leading audits, assessments, and GRC tool deployments.

Experience in government/regulatory environments (e.g., UAE IA, NCEMA) is an advantage.

Key Deliverables

GRC framework implementation roadmap

Policies, standards, and procedures

Risk registers and treatment plans

Compliance assessments and audit reports

GRC tool dashboards, workflows, and automation

Training and awareness sessions

Soft Skills

Leadership and influence without authority

Ability to work under pressure and manage deadlines

Strong stakeholder communication

Attention to detail and structured thinking

Preference shall be given to candidates who are in the UAE and available to join immediately.
