GRC Consultant

For Saudi Nationals only as per customer compliance requirements

One year contract not renewable

Role:
Job is to lead information security Governance, Risk Management and Compliance Engagements for Jafeer Customers.

Responsibilities:

• Lead/Participate in various IT Risk Management & Business continuity initiatives.
• Ensuring that requirements in IT Audit, Standard, Policy, Compliance and Risk controls are met.
• Provide GRC consultancy and best practices to business teams
  Ensure external auditors have the access and information they need to complete their audit successfully.
• Design audit programs and test plans to determine the adequacy and effectiveness of internal controls and compliance with Enterprise policies and procedures and applicable regulations.
• Conduct interviews and process walkthroughs with of select personnel and document and assess business processes and information systems to determine the adequacy of the control environment.
• Demonstrate well IT auditing based on industry best practices and regulations.

Possesses a high degree of independence, integrity, and confidentiality while able to develop independently and deliver presentations and can respond to questions.
Demonstrates understanding and use of basic project management methodologies.
Ability to document and explain technical details in a concise, understandable manner.
Highly organized and able to multi-task and manage concurrent deadlines and able to contribute to effectively and lead working groups.
Ability to successfully interface with clients (internal and external)
Excellent communication skills

Prior hand-on technical working experience in least 2 of the domains: NCA-ECC, ISO27K, Cloud Services, NIST, PCI DSS, BCP/DR/Crisis Management.Relevant experience in IT Risk & ComplianceKnowledge in Risk Management (exposure to GRC tools is preferred)Experience in assessing, development, deployment of security policies, procedure and standards.Some technical experience to understand and communicate effectively with development and operation teams.Strong written Arabic & English and verbal communication skills.Ability to effectively communicate and obtain buy-in at all levels of the organization and with internal stakeholders across the businessProject management experience is a plusISO27K lead implementer/Auditor, CISA, CISM, CRISC, CISSP, PMP or similar Certificates is a plus

Bachelor's degree in Computer Science, Software Engineering, or a related field.