GRC Analyst (Information Security)
شارك هذه الوظيفة
موقع الوظيفة:
الراتب شهرياً:
تاريخ النشر:
أمس
عدد الوظائف الشاغرة:
1 عدد الوظائف الشاغرة
ملخص الوظيفة
- Control frameServices mapping (ISO 27001 QCSF NIA ) to business processes.
- Control design & effectiveness testing (walkthroughs sampling test scripts).
- Audit lifecycle execution (readiness fieldServices coordination closure with auditors).
- Evidence management & traceability (artifact collection versioning chain of custody).
- Risk assessment & treatment (registers scoring models risk acceptance/mitigation plans).
- Policy/standard/procedure development and periodic review for auditability.
- Third-party/vendor risk management
- Cloud security compliance (AWS/Azure/GCP: IAM logging baseline configurations).
- Regulatory alignment (NIA Qatar Privacy Law Qatar Cyber Crime Law GDPR/CCPA PCI DSS ) and applicability analysis.
- Metrics & reporting (KPIs/KRIs dashboards executive summaries).
- Issue management & remediation tracking
- GRC platform proficiency
Requirements
- Bachelors in computer science Information Security IT and equivalent handson experience.
- Certification: CompTIA Security ISO 27001 Internal Auditor/LeadImplementer CCSK CISA CISM CISSP
- Clear written and verbal communication
- 4 Years can lead an audit cycle end-to-end mature control sets and coach other
المجال
خدمات تقنية المعلومات واستشارات تكنولوجيا المعلومات
المهارات المطلوبة
- IT Experience
- Splunk
- IDS
- Cybersecurity
- FIPS
- PCI
- NIST Standards
- أمن المعلومات
- Encryption
- FISMA
- إطار إدارة المخاطر
- Siem
