Governance Risk and Compliance Officer

We are looking to hire a skilled GRC officer who will be responsible for assessing the effectiveness efficiency and security of our IT systems while ensuring compliance against industry standards best practices and internal processes and procedures. As part of his duties he will be responsible for overseeing compliance with and reporting to Management on how to mitigate possible risk.

Responsibilities

• Develop review monitor and implement the companys information security management system including processes policies systems and procedures and continuously improve the ISMS to keep up with changing regulatory requirements and industry best practices.
• Develop review and monitor the Firms business continuity & disaster recovery plan and identify potential risks areas and ensure steps are taken to mitigate same.
• Investigate and report violations of processes procedures and regulatory standards across the operations of the Firm including but not limited to engineering and operations departments with effective action plans in response to discoveries and compliance violations.
• Build an internal audit plan and schedule to cover all aspects as per the management needs.
• Prepare internal audit reports detailing findings recommendations and corrective actions.
• Plan and conduct regular audits and assessments to identify areas of noncompliance and develop corrective action plans.
• Monitor and report on compliance issues including data breaches security incidents and regulatory changes and take appropriate actions to address them.
• Ensure that compliancerelated issues are communicated effectively to the leadership team and the board of directors.
• Provide guidance and training employees on security & compliancerelated topics based on the best practices and industry standards.
• Foster a culture of compliance within the organization where all employees understand the importance of compliance and their role in maintaining it.
• Liaise with external auditors and regulators as necessary to demonstrate compliance with relevant laws and regulations.
• Collaborate with crossfunctional teams to ensure that compliance & ISMS requirements are integrated into all aspects of software development project management and operations etc.
• Migrate manage and excel the GRC tasks to a wellknown GRC tool.
• Perform and manage an enterprise risk assessment across the organization based on a defined risk management policy and procedure.
• Work closely with all departments on risk management tasks including identification & mitigation of risks.
• Work closely with all departments on their new tools and softwares to make sure it follows ProgressSoft vision policies and to reflect on any required changes to the current processes and internal controls.
• Ability to read and understand third party agreements from Clients & assess the level of risk acceptance towards security terms and conditions.
• Ability to perform third party risk assessments (Vendor & Client).
• Understand the internal workflows and procedures assess any areas for improvement.

Requirements:

• Bachelors degree in computer science or any related field.
• Minimum of 12 years experience in areas related to Governance Compliance Officer IT Auditor or Information Technology Risk Management.
• Strong knowledge of IT auditing principles practices and frameworks (e.g. GRCP COBIT ISO 27001 or related discipline).
• Familiarity with security frameworks and compliance requirements (e.g. ISO27001 GDPR PADSS).
• Familiarity of cybersecurity & compliance regulations across Middle East countries (e.g. Jordan/ UAE/ Oman/ Kuwait/ Qatar etc..
• Proficiency in risk and audit tools and methodologies.
• Provide insights for informed decisionmaking.
• Excellent analytical critical thinking and problemsolving skills.
• Excellent reporting and presentation skills.
• Exposure to IT Governance and its activities.
• Ability to work independently and as part of a team.
• Ability to multitask pay attention to details and meet deadlines.

Performance goal/KPI

• Ensure staff members comply with all laid down processes and procedures.
• Presentation to the top management and as may be required.
• Ensure Staff members comply with the of technology at all levels.
• Submission of timely and regular reporting to Management on the status of progress and achievements.

Required Experience:

Unclear Seniority