Job Description

We are seeking an experienced GRC (Governance, Risk, and Compliance) Consultant with expertise in Information Security Compliance Management, The ideal candidate will play a key role in ensuring regulatory compliance, managing security risks, and enhancing governance within the organization

Key Responsibilities: Develop, implement, and maintain Information Security and Compliance frameworks aligned with industry standards such as ISO 27001, NIST, CBUAE, SAMA,


Support Policy Development and Compliance Oversight
Create and update IT policies and procedures to ensure compliance with bank regulations and industry standards. Work with department heads to determine policy requirements and address any potential issues. Design and implement efficient procedures to improve operational effectiveness and productivity. Develop standard documentation, templates, and data formats for consistent use within the IT Division. Suggest Bank Governance team to apply best practices and standards to all IT processes. Participate in both external and internal audits related to the IT Division and its associated units. Conduct regular spot checks across various IT units to ensure adherence to IT policies and procedures. Analyse project requirements and specifications to develop a clear and effective testing strategy. Create a comprehensive test plan that details the scope, objectives, schedule, and testing approach. Coordinate with the bank respective stakeholders to help Develop detailed test cases and scripts based on requirements and design specifications. Coordinate with the bank respective stakeholders and suggest approaches to Generate test data to cover a range of scenarios for thorough test execution. Coordinate with the bank respective stakeholder to Execute test cases to ensure the software operates as intended. Identify and document defects, including functional errors and performance issues. Coordinate to and work with IT team to Log defects with comprehensive details, such as reproduction steps, severity, and relevant screenshots, and report these issues to the support and vendor teams for resolution. Prepare test summary reports that provide an overview of testing activities, defect status, and overall software quality Collaborate with IT stakeholders to evaluate change requests, assess associated risks, and prioritize changes. Facilitate Change Advisory Board (CAB) meetings, ensuring all changes are reviewed and approved by the CAB. Monitor and report on change metrics, including success rates, failed changes, and overall impact. Ensure release activities are thoroughly documented, communicated, and aligned with the overall release strategy. Track and manage release dependencies, resolving any conflicts or issues that may arise. Provide regular reports and updates on change and release metrics to management and stakeholders. Conduct IT risk and control self-assessments (RCSAs) and maintain comprehensive documentation. Develop risk mitigation strategies and plans, and present recommendations and corrective actions to address identified risks. Perform monthly IT risk reviews and report on the status of IT risks. Regularly review the risk register and follow up with relevant teams on the implementation of risk mitigation plans until resolution. Create and maintain reports and dashboards to track and communicate the status of risks. Prepare and publish regular reports, dashboards, and presentations on project and portfolio status for senior management. Conduct periodic audits of project processes and governance to ensure transparent reporting of progress, issues, and risks. Monitor project performance to identify and address potential problems. Ensure compliance with all relevant policies throughout the project delivery process. Collaborate with internal stakeholders to address risks, issues, and challenges related to the project. * Work with the IT team to track and resolve risks identified during project implementation.