Associate Information Security Consultant

Information Security Management Systems (ISMS)

2. This role involves conducting risk assessments, ensuring compliance with industry standards, and providing recommendations to enhance governance, risk, and compliance posture. The ideal candidate will have a foundational understanding of GRC principles, strong analytical skills, and the ability to collaborate effectively with cross-functional teams.

3. Strong understanding of GRC frameworks and ISMS principles.

ISO 27001

5. Strong analytical and problem-solving skills, with attention to detail. Excellent written and verbal communication skills

Job Specification:

1. Assist in the design, implementation, and maintenance of ISMS frameworks in accordance with ISO 27001 and other relevant standards.

2. Support the development of information security policies, procedures, and documentation to ensure compliance with industry best practices.

3. Collaborate with clients to understand their security requirements and tailor ISMS solutions to meet their needs.

4. Conduct risk assessments to identify vulnerabilities and threats to client information assets.

e.g., ISO 27001:2022, ISO 22301:2019, ISO 20000:2018, SWIFT CSP,NIST CSF, NIST 800-53, PCI-DSS v4.0.1).

6. Assist in conducting compliance audits and assessments, preparing reports, and recommending corrective actions.

7. Support client meetings and presentations, providing insights and recommendations for improving governance, risk, and compliance.

8. Stay current with the latest developments in GRC, ISMS, and information security trends.

9. Guide the team members on the Technical and Information Security requirements.

10. The consultant will be travelling to GCC Countries for Onsite Project Execution.

Relevant Experience:

1. Bachelor’s degree in information technology, Computer Science, Cybersecurity, Business Administration, or a related field.

ISO 27001:2022 Lead Implementer/Lead Auditor Certification or equivalent certifications.