Description:
We are seeking a highly experienced Senior Consultant with strong expertise in Information Security Management Systems (ISMS) and IT Governance, Risk and Compliance (IT GRC). The ideal candidate should have a proven track record of implementing and auditing ISO 27001, developing and designing IT GRC frameworks based on COBIT and NIST, and conducting risk assessments to ensure compliance with industry standards and regulations like GDPR, SAMA, NESA, NCA, PDPL, etc.
Job Description:
ISMS Responsibilities:
- Lead the implementation, management, and auditing of ISO 27001-based Information Security Management Systems (ISMS).
- Perform gap assessments to identify areas of non-compliance and develop corrective action plans.
- Conduct risk assessments and ensure risk mitigation strategies are aligned with business objectives.
- Develop and refine ISMS policies, procedures, and controls in compliance with ISO 27001 and other relevant standards.
- Support clients in achieving and maintaining ISO 27001 certification, including audit readiness.
- Provide guidance on security incident management and business continuity planning.
IT GRC Responsibilities:
- Develop and implement IT governance frameworks based on COBIT, NIST, and other best practices.
- Conduct IT risk assessments and define risk treatment plans.
- Ensure compliance with regulatory requirements such as GDPR, NIST, and local cybersecurity regulations.
- Design and implement IT compliance and risk management programs, policies, and controls.
- Provide advisory services on third-party/vendor risk management.
- Assist organizations in aligning IT strategy with business objectives through effective governance practices.
Requirements:
- Master's or Bachelor's degree in Information Security, Computer Science, or IT-related field.
- Certifications (preferred): ISO 27001 Lead Implementer / Lead Auditor, CISM, CRISC, CISSP, CISA, or COBIT 2019 Foundation.
- Experience: Minimum 68 years of experience in ISMS and IT GRC consulting, implementation, or auditing.
- Hands-on experience in conducting ISO 27001 gap assessments, risk assessments, and audits.
- Strong practical knowledge of IT governance frameworks (COBIT, NIST, ITIL, etc.).
- Experience in handling regulatory compliance requirements such as GDPR, NIST, and PCI-DSS.
- Excellent report writing, communication, and stakeholder management skills.
Required Experience:
Senior IC