IT GRC Consultant

Responsible for delivering professional GRC services, developing and implementing cybersecurity strategies, and ensuring compliance with industry standards and frameworks. This role requires strong technical knowledge, excellent communication skills, and the ability to manage client relationships effectively.

Key Responsibilities:

• Deliver GRC professional services to clients across various industries.
• Develop and implement customized GRC programs tailored to client needs.
• Design and implement cybersecurity strategies, objectives, policies, standards, and procedures.
• Conduct risk assessments including identification, analysis, mitigation, and monitoring.
• Perform compliance assessments against international cybersecurity frameworks (e.g., ISO 27001, NIST, PCI-DSS).
• Conduct cybersecurity audits and maturity assessments.
• Develop and execute cybersecurity awareness and training programs.
• Manage and maintain GRC platforms and tools.
• Establish, manage, and monitor the organization’s risk register and provide periodic risk reports.
• Act as the primary point of contact for GRC-related projects, initiatives, and programs.
• Build and maintain strong relationships with clients and internal stakeholders.
• Support due diligence activities for mergers and acquisitions, providing risk and compliance insights to senior management.

Qualifications & Experience:

• Bachelor’s degree in Information Security, Information Technology, or a related field.
• 2 years of experience in GRC, cybersecurity, or risk management roles.
• Professional certifications in GRC.
• Excellent analytical, problem-solving, and communication skills.
• Fluent in English; Arabic is a plus.