GRC Analyst (Information Security)

BAE Systems Strategic Aerospace Services WLL

Job Location:

Doha - Qatar

Salary: Not Disclosed

Posted on: 30+ days ago

Vacancies: 1 Vacancy

Job Summary

Control frameServices mapping (ISO 27001 QCSF NIA ) to business processes.
Control design & effectiveness testing (walkthroughs sampling test scripts).
Audit lifecycle execution (readiness fieldServices coordination closure with auditors).
Evidence management & traceability (artifact collection versioning chain of custody).
Risk assessment & treatment (registers scoring models risk acceptance/mitigation plans).
Policy/standard/procedure development and periodic review for auditability.
Third-party/vendor risk management
Cloud security compliance (AWS/Azure/GCP: IAM logging baseline configurations).
Regulatory alignment (NIA Qatar Privacy Law Qatar Cyber Crime Law GDPR/CCPA PCI DSS ) and applicability analysis.
Metrics & reporting (KPIs/KRIs dashboards executive summaries).
Issue management & remediation tracking
GRC platform proficiency

Requirements

Bachelors in computer science Information Security IT and equivalent handson experience.
Certification: CompTIA Security ISO 27001 Internal Auditor/LeadImplementer CCSK CISA CISM CISSP
Clear written and verbal communication
4 Years can lead an audit cycle end-to-end mature control sets and coach other

Control frameServices mapping (ISO 27001 QCSF NIA ) to business processes.Control design & effectiveness testing (walkthroughs sampling test scripts).Audit lifecycle execution (readiness fieldServices coordination closure with auditors).Evidence management & traceability (artifact collection version...