Job Description

A leading firm in Bahrain is hiring IT consultants for GRC practice and look to hire candidates for Consultant / Senior Consultant. As an integral member of the IT Advisory team, reporting to the Manager / Senior Manager, the responsibility of the GRC team is to carry out the engagements related to policy compliance, security requirements governance, as well as risk management. The ideal candidate will have knowledge of risk management, security, and privacy practices and be an effective communicator, both written and verbal.

What you will be responsible for: 1. Execute GRC engagements and IT audits 2. Review/ prepare project deliverables 3. Develop and participate in the implementation of client initiatives focused on the reduction of technology risk, governance, and compliance to policies and external regulatory compliance 4. Evaluating business and IT risks 5. Audit IT organizations, IT processes, and IT systems against regulations, standards, and good practices such as COBIT and ITIL 6. Developing IT security standards, procedures, and controls to manage risks. Improve client security positioning through process improvement, policy, automation, and the continuous evolution of capabilities. 7. Evaluate information security threats and their impact client's IT environment 8. Supporting the Senior team members, assisting with the analysis of requirements and design of clients' information security posture, as well as Legal, Regulatory, and Scheme security requirements. 9. Supporting the senior team members in the delivery of work streams for clients in compliance standards such as PCI DSS, ISO27001, EU GDPR and Bahrain PDPL and incident management disciplines. 10. Performing and investigating internal and external information security risk and exceptions assessments. Assessing incidents, vulnerability management, scans, patching status, secure baselines, penetration test result, phishing, and social engineering tests and attacks. 11. Documenting and reporting control failures and gaps to stakeholders. Provides remediation guidance and prepares management reports to track remediation activities. 12. Staying current on best practices and technological advancements and acts as a technical resource for security assessment and regulatory compliance. 13. Performing other related duties as assigned from time to time based on the business requirements Experience: . Senior Consultant : 3+ years' experience in IT Governance, Risk & Compliance . Consultant : 1-2 years' experience in IT Governance, Risk & Compliance Skills: . Understanding of ISO 27001, PCI DSS, ITIL, ITSM, COBIT standards preferred . Experience of risk management principles and associated methodologies . Ideally will have a CEH, CISSP, CISA or CISM qualification . Proven ability to make sound pragmatic decisions and judgements under tight timelines. . Strong interpersonal and influencing skills with the ability to influence and drive change in a collaborative way both internally and externally

Full time