- Maintain a deep knowledge of risk mitigation principles and techniques from international risk and security standards, and manage compliance with such standards and regulations, including ISO 27001, ISO 27005, NIST, PCI DSS, and other frameworks.
- Conduct technical risk assessments and collaborate/communicate in a simple, clear, and concise manner to the various communities within our organization.
- Develop the required Information Security controls and policies to support the organization's governance and compliance objectives.
- Assist with analysis and documentation of audit remediation actions related to Information Security.
- Drive development of use cases and business requirements in close partnership with cross-functional stakeholders (GRC, Security, Privacy, Audit, Compliance, etc.) to fulfill all applicable solution needs.
- Employ business analysis and solution skills to interpret business requirements and impacts, ensuring that the optimal tooling strategies are identified, designed, and implemented to meet business needs.
- Review the technical design and SDLC documentation with the technical experts to assure that controls and policies are implemented.
- Provide guidance and share best practices for design and implementation of the GRC platforms.
- Ensure partnership with different teams for proactive compliance risk management: identification, assessment, risk action planning, and closure.
- Conduct employee awareness activities, assist in developing training materials, and, where necessary, assist with specific training.
- Minimum of a bachelor's degree or equivalent in information technology, computer science, or a related field.
- The ability to work across multiple frameworks and regulatory standards, including, but not limited to: NIST, PCI, ISO, and GDPR.
- Experience with information security frameworks and standards as well as risk management processes is a must.
- Experience performing information security audit processes or risk assessments.
- Expertise in security policy development, deployment, and adoption acceleration.
- Holding any of these certifications: CISSP, CISM, CRISC, CCISO.
- Minimum 5 years of relevant experience.
- Languages:
  - English: Excellent command (speaking, reading, and writing).
  - Arabic: Native command (speaking, reading, and writing).