Enable job alerts via email!

GRC (Governance, Risk & Compliance) Consultant/ Senior Consultant

Grant Thornton Bahrain

Bahrain

On-site

BHD 20,000 - 40,000

Full time

30+ days ago

Boost your interview chances

Create a job specific, tailored resume for higher success rate.

Job summary

An established industry player in Bahrain is seeking a talented Governance, Risk & Compliance Consultant/Senior Consultant to join their expanding IT Advisory team. This role involves leading GRC engagements, executing IT audits, and developing security standards to enhance clients' security posture. The ideal candidate will possess a strong understanding of risk management and security practices, with the ability to communicate effectively and build strong client relationships. If you're ready to make a significant impact in a fast-paced environment and help organizations navigate their compliance challenges, this opportunity is perfect for you.

Qualifications

  • 1 to 5+ years in IT Governance, Risk & Compliance experience required.
  • Strong leadership and personnel management skills are essential.
  • Good communication skills in English; Arabic is a plus.

Responsibilities

  • Lead and execute GRC engagements and IT audits.
  • Develop IT security standards and improve clients' security positioning.
  • Evaluate business and IT risks and audit against regulations.

Skills

Risk Management
Security and Privacy Practices
Communication Skills
Understanding of ISO 27001
Experience with VA Tools (Nessus, Qualys)
Leadership Skills
Client Relationship Management

Education

CEH
ISO 27001 ISMS
ISO 22301 BCMS
CISA
COBIT
CISM

Tools

Nessus
Qualys

Job description

Job Number: GRC (Governance, Risk & Compliance) Consultant/ Senior Consultant

Location: Bahrain

Category: Technology Advisory

Grant Thornton Abdulaal Bahrain is expanding their IT GRC practice and looking to hire candidates for Consultant/ Senior Consultant roles. As an integral member of the IT Advisory team, reporting to the GRC team, the responsibility is to carry out engagements related to policy compliance, security requirements governance, as well as risk management.

The ideal candidate will have knowledge of risk management, security and privacy practices and be an effective communicator, both written and verbal.

Responsibilities include:

  • Lead and/or execute GRC engagements and IT audits.
  • Review and/or prepare project deliverables.
  • Point of contact for the client during the engagement execution.
  • Develop and participate in the implementation of client initiatives focused on the reduction of technology risk, governance, and compliance to policies and external regulatory compliance.
  • Evaluate business and IT risks.
  • Audit IT organizations, IT processes, and IT systems against regulations, standards, and good practices such as COBIT and ITIL.
  • Develop IT security standards, procedures, and controls to manage risks. Improve clients' security positioning through process improvement, policy, automation, and the continuous evolution of capabilities.
  • Evaluate information security threats and their impact on clients' IT environment.
  • Support senior team members, assist with the analysis of requirements and design of clients' information security posture, as well as Legal, Regulatory, and Scheme security requirements.
  • Support senior team members in the delivery of work streams for clients in compliance standards such as PCI DSS, ISO27001, EU GDPR, and Bahrain PDPL and incident management disciplines.
  • Perform and investigate internal and external information security risk and exceptions assessments.
  • Assess incidents, vulnerability management, scans, patching status, secure baselines, penetration test results, phishing, and social engineering tests and attacks.
  • Document and report control failures and gaps to stakeholders. Provide remediation guidance and prepare management reports to track remediation activities.
  • Stay current on best practices and technological advancements and act as a technical resource for security assessment and regulatory compliance.
  • Perform other related duties as assigned based on business requirements.
  • Knowledge of virtualization and cloud computing would be essential.

Skills:
  • Understanding of ISO 27001, PCI DSS, ITIL, ITSM, COBIT, ISO 31000, and NIST standards and frameworks preferred.
  • For GRC role, hands-on experience with VA tools (e.g., Nessus, Qualys) would be an advantage.
  • Experience in risk management principles and associated methodologies.
  • Ideally will have a CEH/ ISO 27001 ISMS/ ISO 22301 BCMS/ CISA/ COBIT/ CISM qualification.
  • Proven ability to make sound pragmatic decisions and judgments under tight timelines.
  • Strong interpersonal and influencing skills with the ability to influence and drive change in a collaborative way, both internally and externally.

Essential requirements:
  • Experience: 1 to 5+ years in IT Governance, Risk & Compliance.
  • Ability to work in a fast-paced, high-pressure atmosphere by being attentive and having a strong eye for details.
  • Strong leadership and personnel management skills.
  • Exceptional client service along with the ability to develop excellent client relationships.
  • Good at meeting deadlines and solving problems.
  • Good communication skills, both verbal and written in English (Arabic is a plus).
Get your free, confidential resume review.
or drag and drop a PDF, DOC, DOCX, ODT, or PAGES file up to 5MB.
TrustpilotStars
Rated “Excellent” based on 15,781 reviews
Follow us
JobLeads Youtube ProfileJobLeads Linkedin ProfileJobLeads Instagram ProfileJobLeads Facebook ProfileJobLeads Twitter AccountJobLeads Xing Profile
Company
Services
Free resources
Support

© JobLeads 2007 - 2025 | All rights reserved