Cyber security GRC senior associate

Exciting Opportunity: Senior Associate in Cyber Security Governance, Risk, and Compliance

Full Relocation Support Provided

Fluent Arabic Speaking Required
Our client, a leading financial services giant in Qatar, is seeking a dedicated and experienced Senior Associate to join their IT Department. This pivotal role involves leading and managing the cyber security governance and awareness initiatives to ensure alignment with the company's vision and mission. The successful candidate will be instrumental in ensuring cybersecurity policies and procedures comply with industry regulations, laws, and internal standards.

Key Responsibilities

Policy Development and Implementation:

Craft and enforce cybersecurity governance policies and procedures, ensuring regular updates and compliance.
Risk Management:

Monitor and assess cyber risks, collaborating with stakeholders to develop and implement risk response plans.
Security Reviews:

Continuously review and update security controls, policies, and procedures to align with company objectives and risk profile.
Audit Participation:

Engage in cybersecurity audits and compliance reviews, ensuring timely completion of remediation actions.
Regulatory Compliance:

Implement controls to comply with relevant laws, regulations, and industry standards (e.g., GDPR, ISO27001).
Communication and Training:

Educate and guide employees on cybersecurity risk management and compliance, and communicate issues to upper management.
Industry Awareness:

Stay updated on industry trends and developments, recommending policy and procedure updates as necessary.
Reporting:

Prepare and manage periodic management and progress reports to inform senior management and facilitate decision-making.

Performance Indicators

Audit Findings:

Criticality of internal and external audit findings.
Risk Impact:

Level and impact of residual risk.
Awareness Activities:

Number of company-wide awareness-raising activities.

Qualifications and Experience

Educational Background:

Bachelor's degree in Computer Science, Cybersecurity, or a related field.
Certifications:

Relevant certifications such as CISSP, CISM, CISA, or CGEIT, and ISO 27001 lead auditor/implementer.
Experience:

At least 10 years of experience in cybersecurity or incident response.

Essential Skills

Business Acumen:

Understanding of business operations, goals, and priorities to align cybersecurity efforts with business needs.
Regulatory Knowledge:

Familiarity with industry regulations and compliance requirements such as GDPR and ISO27001.
Risk Management:

Knowledge of the organization's risk appetite and tolerance, prioritizing efforts based on risk and potential impact.
Resource Management:

Awareness of budget and resource constraints, ensuring cybersecurity efforts are feasible and financially aligned.
Customer Focus:

Understanding of customer expectations for data privacy and security.
Supply Chain Knowledge:

Insight into the organization's supply chain and third-party relationships for appropriate risk management.
Reputation Management:

Protecting the organization's reputation and maintaining customer trust through robust cybersecurity measures.
If you are passionate about cybersecurity governance, risk management, and compliance, and have the expertise to drive our client's initiatives forward, we encourage you to apply for this exciting opportunity. Full relocation support is provided to the successful candidate.

TPBN1_UKTJ