Specialist - IT Governance, Risk and Compliance
Synechron
صاحب عمل نشط
نشرت في 5 ابريل
أرسل لي وظائف مثل هذه
الجنسية
أي جنسية
جنس
غير مذكور
عدد الشواغر
1 عدد الشواغر
الوصف الوظيفي
الأدوار والمسؤوليات
Overall Responsibilities
- Support the development, implementation, and ongoing maintenance of IT governance frameworks, standards, and controls
- Conduct IT risk assessments to identify potential threats and document mitigation strategies
- Maintain and update the IT risk register, providing regular reports on risk status and mitigation progress
- Assist in drafting, reviewing, and updating policies, procedures, and guidelines related to IT compliance and security
- Perform compliance evaluations and gap analyses against regulatory, contractual, and internal standards
- Facilitate internal and external audit activities by preparing documentation, collecting evidence, and tracking remediation actions
- Conduct periodic control testing, compliance checks, and risk assessments across IT functions
- Monitor adherence to industry standards such as ISO 27001, NIST Cybersecurity Framework, and COBIT
- Prepare executive dashboards and detailed reports on compliance, risk, and audit findings
- Promote awareness and adherence to governance, risk, and compliance practices within IT teams and across the organization
Technical Skills (By Category)
- Governance Frameworks: COBIT, ITIL (Essential), NIST CSF, ISO 27001 (Preferred)
- Information Security Standards: ISO 27001, NIST, Cybersecurity best practices (Essential)
- Risk Assessment & Management: Risk methodologies, threat identification, mitigation tracking (Essential)
- Regulatory and Compliance Requirements: Data privacy laws, cybersecurity regulations, audit standards (Essential)
- Controls & Processes: IT change management, incident management, access controls, audit coordination (Essential)
- Tools: GRC platforms (RSA Archer, ServiceNow), audit management tools (Preferred)
Day-to-Day Activities
- Support the creation, review, and update of IT policies, standards, and controls
- Conduct risk assessments and maintain the IT risk register
- Perform compliance evaluations, gap analyses, and control testing
- Assist in audit preparation, evidence collection, and remediation tracking
- Monitor compliance status using dashboards; escalate issues and risks as needed
- Collaborate with IT teams, audit, legal, and risk management units for stakeholder engagement
- Track and report regulatory and internal audit findings to senior management
- Promote a culture of compliance and continuous improvement in cybersecurity and governance practices
الملف الشخصي المطلوب للمرشحين
Job Summary
Synechron is seeking a dedicated and knowledgeable Specialist in IT Governance, Risk, and Compliance (GRC) to support the organization s efforts in establishing, maintaining, and enhancing IT governance frameworks. The role involves conducting risk assessments, managing compliance activities, and ensuring alignment with internal controls and regulatory standards. This position is critical in safeguarding the organization's technology environment, promoting best practices, and ensuring adherence to industry standards and legal requirements. The successful candidate will contribute to building a secure, resilient, and compliant IT landscape that supports business objectives and regulatory obligations.
Software Requirements
- Required: Microsoft Office Suite (Word, Excel, PowerPoint), GRC tools (e.g., RSA Archer, ServiceNow), audit management software
- Preferred: Security information and event management (SIEM) systems, Data Privacy tools, ISO 27001 compliance tools
- Experience Level: Intermediate proficiency in relevant software, with the ability to produce detailed reports and track compliance activities
Experience Requirements
- Minimum of 5+ years in IT governance, risk management, compliance roles
- Proven experience in conducting risk assessments and managing compliance activities within complex IT environments
- Demonstrated success in supporting or leading audit activities and remediation efforts
- Familiarity with industry standards such as ISO 27001, NIST Cybersecurity Framework, COBIT
- Experience working with cross-functional teams in diverse organizational settings
Qualifications
- Bachelor s degree in Information Technology, Computer Science, Business Administration, or related field; Master s preferred
- Certifications such as CISA, CISSP, CRISC, ISO 27001 Lead Implementer, or equivalent are preferred
- Ongoing professional development in IT governance, risk management, or compliance fields
Professional Competencies
- Strong analytical and critical thinking capabilities
- Effective communication skills for technical and non-technical audiences
- Ability to interpret frameworks, policies, and regulations and translate them into actionable processes
- Project coordination and task management skills to handle multiple priorities
- High attention to detail and accuracy in documentation and reporting
- Collaboration and stakeholder engagement skills
- Flexibility and adaptability to evolving standards, regulations, and organizational needs
- Demonstrated commitment to ethical conduct and confidentiality
القطاع المهني للشركة
- تكنولوجيا المعلومات - خدمات البرمجيات
المجال الوظيفي / القسم
- سوفت وير تقنية المعلومات
الكلمات الرئيسية
- Specialist - IT Governance
- Risk And Compliance
تنويه: نوكري غلف هو مجرد منصة لجمع الباحثين عن عمل وأصحاب العمل معا. وينصح المتقدمون بالبحث في حسن نية صاحب العمل المحتمل بشكل مستقل. نحن لا نؤيد أي طلبات لدفع الأموال وننصح بشدة ضد تبادل المعلومات الشخصية أو المصرفية ذات الصلة. نوصي أيضا زيارة نصائح أمنية للمزيد من المعلومات. إذا كنت تشك في أي احتيال أو سوء تصرف ، راسلنا عبر البريد الإلكتروني abuse@naukrigulf.com