Security Consultant - GRC

EXPERIENCE:

8 - 10 Years

SKILL SETS:

Security Standards & Controls / GRC Tools / Compliance Frameworks

Key Responsibilities:

70% of your time will be spent on GRC activities, including:

• Collaborating with clients to understand their compliance requirements and develop strategies to meet them.
• Implementing and maintaining security programs based on industry standards and regulations, such as ISO 27001, ISO 22301, PCI DSS, UAE Information Assurance Scheme (UAES IA), ADHICS, NESA, and NCEMA.
• Conducting risk assessments and developing risk mitigation plans.
• Providing recommendations to improve an organization's overall security posture.
• Documenting and reporting on security gaps and providing remediation guidance.
• Conducting due diligence assessments on third-party vendors.
• Developing and implementing processes to automate and continuously monitor information security controls, exceptions, risks, and reporting metrics.
• Interviewing stakeholders across the organization to assess security controls and identify areas for improvement.

30% of your time will be spent on technical tasks, including:

• Installing, configuring, and customizing RSA Archer GRC platform.
• Working as an Archer Implementation Engineer to create technical design documents and architecture for GRC deployments.
• Reporting on Project Deployment Status
• Support RSA Archer Deployments across our customer base
• Reporting/Closure of Incidents & Service Requests on Support

To be successful in this role, you will need:

• A strong understanding of cybersecurity principles and best practices.
• Experience with implementing security standards and controls, such as ISO 27001 and PCI DSS.
• Excellent communication and interpersonal skills to collaborate effectively with clients at all levels.
• The ability to work independently and manage multiple projects simultaneously.
• Proficiency in GRC tools such as RSA Archer or CAMMS.

CERTIFICATIONS:

CISA

TECHNICAL SKILLS /COMPETENCIES:

MANDATORY

Experience with conducting security audits.

Knowledge of relevant compliance frameworks, such as NIST Cybersecurity Framework ,PCI DSS and COBIT.

Write basic SQL queries for data retrieval.

Experience with data feeds and RSA Archer's Data Integration tool

Familiarity with scripting languages (Python, RASL, ABR).

Manage the OS (Windows/Linux) where RSA Archer is deployed.

Basic understanding of programming languages / Python.

API Integration Skills / Java Script

SOFT SKILLS:

MANDATORY

1. Effective Communicator

2. Conflict Resolver

3. Adaptability

4. Influence and Persuasion

5. Strategic Thinking

6. Presentation Skills