[ref. a1576320] Security Consultant - GRC
Job Description
Skills: GRC Frameworks, Security Audits, Cybersecurity, RSA Archer, NIST Framework, ISO 27001, Regulatory Compliance, PCI DSS,
Experience
8 - 10 Years
Skill Sets
Security Standards & Controls / GRC Tools / Compliance Frameworks
Key Responsibilities
70% of your time will be spent on GRC activities, including:
- Collaborating with clients to understand their compliance requirements and develop strategies to meet them.
- Implementing and maintaining security programs based on industry standards and regulations, such as ISO 27001, ISO 22301, PCI DSS, UAE Information Assurance Scheme (UAES IA), ADHICS, NESA, and NCEMA.
- Conducting risk assessments and developing risk mitigation plans.
- Providing recommendations to improve an organization's overall security posture.
- Documenting and reporting on security gaps and providing remediation guidance.
- Conducting due diligence assessments on third-party vendors.
- Developing and implementing processes to automate and continuously monitor information security controls, exceptions, risks, and reporting metrics.
- Interviewing stakeholders across the organization to assess security controls and identify areas for improvement.
30% of your time will be spent on technical tasks, including:
- Installing, configuring, and customizing RSA Archer GRC platform.
- Working as an Archer Implementation Engineer to create technical design documents and architecture for GRC deployments.
- Reporting on Project Deployment Status
- Support RSA Archer Deployments across our customer base
- Reporting/Closure of Incidents & Service Requests on Support
- A strong understanding of cybersecurity principles and best practices.
- Experience with implementing security standards and controls, such as ISO 27001 and PCI DSS.
- Excellent communication and interpersonal skills to collaborate effectively with clients at all levels.
- The ability to work independently and manage multiple projects simultaneously.
- Proficiency in GRC tools such as RSA Archer or CAMMS.
Certifications
CISA
Technical Skills /Competencies
MANDATORY
Experience with conducting security audits.
Knowledge of relevant compliance frameworks, such as NIST Cybersecurity Framework ,PCI DSS and COBIT.
Write basic SQL queries for data retrieval.
Experience with data feeds and RSA Archer's Data Integration tool
Familiarity with scripting languages (Python, RASL, ABR).
Manage the OS (Windows/Linux) where RSA Archer is deployed.
Basic understanding of programming languages / Python.
API Integration Skills / Java Script
Soft Skills
MANDATORY- Effective Communicator
- Conflict Resolver
- Adaptability
- Influence and Persuasion
- Strategic Thinking
- Presentation Skills