Cybersecurity GRC Consultant

Company Description

IT Security C&T is an innovative, fast-growing security consulting and training company. Our management team combined with our consultants and engineers work together to deliver comprehensive security solutions to our customers around the MENA region.

IT Security C&T is continuously expanding its team of qualified professionals for a wide range of opportunities. Interested candidates are required to apply via our Career webpage on our website (www.itsecurityct.com)

• Develop and maintain cybersecurity governance, risk management, and compliance frameworks, strategies, and practices.
• Collaborate with cross-functional teams to identify and assess cybersecurity risks and vulnerabilities.
• Conduct regular security assessments, risk assessments, and gap analyses to ensure compliance with industry standards, regulations, and best practices.
• Provide expert guidance in the development of policies, procedures, and controls to mitigate cybersecurity risks.
• Review and analyze security controls, processes, and technologies to identify and address any gaps or weaknesses.
• Monitor and evaluate emerging cyber threats and vulnerabilities and recommend appropriate mitigation strategies.
• Stay abreast of changes in regulatory requirements, industry standards, and cybersecurity best practices to ensure ongoing compliance.
• Act as a subject matter expert and provide guidance to stakeholders, including management, on cybersecurity governance, risk management, and compliance matters.
• Conduct cybersecurity awareness and training programs for employees to promote a culture of security and compliance.
• Assist with incident response, investigations, and the recovery process, ensuring appropriate actions are taken to address and mitigate any security incidents.

• Bachelor’s degree in computer science, Information Technology, or a related field. Relevant professional certifications (e.g., CISSP, CISM, CRISC) are highly desirable.
• Minimum 1-2 years of Cybersecurity GRC Consultant experience
• Proven experience as a Cybersecurity GRC Consultant or in a similar role, with a strong focus on governance, risk management, and compliance.
• In-depth knowledge of cybersecurity frameworks and standards (e.g., NIST, ISO 27001, GDPR) and their practical implementation.
• Familiarity with security controls, technologies, and best practices across various domains, such as network security, application security, and data protection.
• Strong analytical and problem-solving skills, with the ability to assess risks, identify vulnerabilities, and develop effective mitigation strategies.
• Excellent communication and presentation skills, with the ability to convey complex cybersecurity concepts to stakeholders at all levels.
• Strong understanding of regulatory requirements relevant to National Cybersecurity Authority.
• Demonstrated commitment to ongoing professional development in the field of cybersecurity.
• Native Arabic speaker and professional in English language.