Wateen is looking for a dynamic and results-oriented information security professional as a GRC lead for our cybersecurity team.
Reporting to the head of cybersecurity, risk, and compliance, the GRC lead will build a program from
the ground up including security policy, risk management process, and compliance with standards
and regulations such as ISO 27001, GDPR, SOC2, etc.
Job Posted Date: 16/July/2022
City/Location: Lahore
Job Category: Information Technology
Job Type: Private
Vacancies Title: CYBERSECURITY – GRC LEAD
Total Vacancies: 01
Experience Required: Candidate must have 7+ years working in governance, risk and compliance and/or information security and risk management.
Age Limit: N/A
Organization / Department Name: Wateen Telecom Limited
Website: https://www.wateen.com/
Email: customercare@wateen.com
Telephone: 021-111-365-111
APPLY ONLINE: https://bit.ly/3RvHjTX
Responsibilities:
- Develop the GRC operating model and a service-oriented customer engagement model.
- Operationalize various GRC capability areas such as enterprise security risk management, compliance management, policy management, security awareness training, third party risk management, and metrics and reporting.
- Lead the operationalization of security compliance programs to support various compliance regulations.
- Perform risk assessments that address security threats, changes to systems and/or applications, process improvement initiatives, supplier assessments (including downstream outsourcers) and other requests from the business.
- Work with various operational and business teams to drive toward a cohesive view of security risk and drive remediation items to closure. Maintain accurate reporting of remediation activities to bring appropriate visibility to stakeholders.
- Monitor the security risk profiles of our suppliers to objectively determine high-risk suppliers that require additional review.
- Establish and maintain security metrics and reporting.
- Respond to customer security/compliance questionnaires.
- Act as security risk management ambassador to internal customers.
Required Knowledge and Skills:
- Functional knowledge of the CISSP security domains and information security industry standards and best practices.
- Functional knowledge of applicable security regulatory requirements (SOX, GDPR).
- Functional knowledge of ISMS governance models (i.e. ISO 27001, NIST, CAIQ), information security roles, security controls.
- Functional knowledge of common security certifications (i.e. ISO 27001, SOC1, SOC2) and ability to glean significance from findings identified in these reports.
- Ability to communicate risk methodologies and concepts to the business unit and IT.
- Demonstrated experience with controls definition, development, implementation and assessment.
- Strong interpersonal skills and ability to work effectively with diverse and distributed teams.
- Strong attention to detail, project management and organizational skills.