We're looking for an experienced and highly motivated Information Security GRC Specialist with 8 years of progressive experience in the field. You'll be a key player in developing and maintaining our information security policies, expertly managing risks, ensuring stringent compliance with regulatory standards, and overseeing robust incident response procedures.

Role and Responsibilities:

Governance: Develop, review, and update information security policies, procedures, and frameworks. Integrate security governance into the enterprise risk management framework.

Risk Management: Conduct comprehensive risk assessments. Develop and implement risk management strategies. Monitor and evaluate the effectiveness of risk management controls.

Compliance: Ensure compliance with regulatory requirements and industry standards. Manage and coordinate internal and external audits. Interact with regulatory bodies and external agencies.

Incident Management: Develop and maintain incident response plans. Assist with the investigation and resolution of security incidents. Conduct root cause analysis and develop preventive recommendations.

Training and Awareness: Design and implement security awareness training programs. Conduct periodic security training sessions and workshops. Assess and improve training programs based on feedback and incident trends.

Reporting and Documentation: Prepare detailed reports on information security governance, risk management, and compliance activities. Document and track issues, findings, and remediation efforts. Provide regular updates to senior management and stakeholders.

Policy and Procedure Management: Develop and manage the lifecycle of security policies and procedures. Ensure documentation is current, accurate, and accessible.

Audit Management: Manage stakeholder interactions regarding IT-related risks, audit findings, and compliance aspects. Work with external IS auditors/vendors to schedule, monitor, and close IT and IS-related issues.

Skills:

Strong oral and written communication, analytical, and problem-solving skills.
Superior organizing skills along with time and team management.
Experience with project management tools like MS Project.
Proficiency in collaboration tools like SharePoint and Teams.

Education:

Bachelor’s degree in Information Security, Computer Science, or a related field.
Certification would be an added advantage: CISA, ISO27001, ISO22301, CISSP
Job Title
Risk Compliance Manager (GRC)