Scribd
Upload
12 views1 page

JD - GRC Consultant

Aurex Inc is seeking a GRC Consultant to implement GRC systems for clients, focusing on policy compliance, security governance, and risk management. The role requires 3-5 years of experience in IT Governance, Risk & Compliance, knowledge of relevant standards, and strong communication skills. Responsibilities include evaluating risks, developing security standards, supporting compliance initiatives, and documenting control failures.

Uploaded by

s91643080
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
12 views1 page

JD - GRC Consultant

Aurex Inc is seeking a GRC Consultant to implement GRC systems for clients, focusing on policy compliance, security governance, and risk management. The role requires 3-5 years of experience in IT Governance, Risk & Compliance, knowledge of relevant standards, and strong communication skills. Responsibilities include evaluating risks, developing security standards, supporting compliance initiatives, and documenting control failures.

Uploaded by

s91643080
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 1

GRC Consultant

Job Description
Aurex Inc, is looking for a GRC consultant role. As an integral member of the GRC Implementation team, the
responsibility of the GRC Consultant is to carry out the implementation of GRC system for our customers
related to policy compliance, security requirements governance, as well as risk management. The ideal
candidate will have knowledge of risk management, security and privacy practices and be an effective
communicator, both written and verbal.

Responsibilities
• Develop and participate in the implementation of client initiatives focused on the reduction of
technology risk, governance, and compliance to policies and external regulatory compliance.
• Evaluating business and IT risks
• Developing IT security standards, procedures, and controls to manage risks. Improve client security
positioning through process improvement, policy, automation, and the continuous evolution of
capabilities.
• Evaluation of information security threats and their impact on clients' IT environment
• Supporting the Senior team members, assisting with the analysis of requirements and design of clients’
information security posture, as well as Legal, Regulatory, and Scheme security requirements.
• Supporting the senior team members in the delivery of work streams for clients in compliance standards
such as PCI DSS, ISO27001, EU GDPR, and Bahrain PDPL and incident management disciplines.
• Performing and investigating internal and external information security risk and exception assessments.
Assessing incidents, vulnerability management, scans, patching status, secure baselines, penetration test
results, phishing, and social engineering tests and attacks.
• Documenting and reporting control failures and gaps to stakeholders. Provides remediation guidance
and prepares management reports to track remediation activities.
• Staying current on best practices and technological advancements and acting as a technical resource for
security assessment and regulatory compliance.
• Performing other related duties as assigned from time to time-based on the business requirements.

Qualification
• 3- 5 years experience in IT Governance, Risk & Compliance
• Understanding of ISO 27001, PCI DSS, ITIL, ITSM, and COBIT standards preferred
• Experience with risk management principles and associated methodologies
• Ideally will have a CEH, CISSP, CISA, or CISM qualification.
• Proven ability to make sound pragmatic decisions and judgments under tight timelines.
• Strong interpersonal and influencing skills with the ability to influence and drive change in a collaborative
way both internally and externally.

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy