Lead Cloud Security Engineer GRC

About the job Lead Cloud Security Engineer GRC

About Our Client:

Our client company is one ofUAEs largest compliance company.

Job Description:

As part of our cybersecurity team, the Cybersecurity GRC Officer/Manager will play a strategic role in shaping and enforcing governance, risk, and compliance practices across our digital and operational landscape. This is a critical position responsible for ensuring our cybersecurity controls, frameworks, and risk strategies meet evolving regulatory requirements and industry standards. The ideal candidate will bring both deep technical understanding and pragmatic leadership to align GRC initiatives with broader business and security goals.

Duties and Responsibilities

• Design, implement, and maintain cybersecurity governance policies and documentation.

• Oversee internal governance structures ensuring consistency with international standards and business objectives.

• Provide policy leadership on emerging compliance areas such as AI governance and cloud specific standards.

• Lead risk assessments and threat modeling exercises focused on cybersecurity and third-party risks.

• Maintain a dynamic risk register, ensuring mitigation strategies are timely and actionable.

• Advise the leadership team on cybersecurity risk appetite and priority initiatives.

• Manage compliance with standards including ISO 27001, PCI-DSS, SOC 2, CIS Controls, NIST CSF, and SANS. Ensure alignment with regional and international regulations (e.g., GDPR, CBUAE, SAMA, CMA).

• Coordinate and lead audit readiness efforts; manage relationships with external auditors and assessors.

• Work hand-in-hand with security operations and engineering teams to validate control effectiveness.

• Recommend improvements to technical security controls (firewalls, SIEM, DLP, endpoint protection).

• Stay current with threat intelligence and advise on proactive defenses and incident readiness.

• Contribute to incident response planning and lead compliance-related post-incident reviews.

• Provide comprehensive risk and compliance reporting to executive leadership.

• Develop role-specific cybersecurity and GRC training modules. Champion a culture of cybersecurity awareness across departments and geographies.

• Availability outside business hours may be required during security incidents or audits.

• The role supports a fully remote, globally distributed environment.

Experience (essential to any successful application)

• Minimum 3 years in GRC roles with direct engagement in cybersecurity domains.

• Demonstrated experience with compliance management and cybersecurity operations.

• Familiarity with international and regional regulators, including those in the GCC and Europe.

Skills

• In-depth knowledge of cybersecurity architecture and tools (e.g., SIEM, IDS/IPS, DLP).

• Proficient in risk frameworks like ISO 27005, NIST SP 800-30, FAIR. Able to bridge compliance frameworks with technical implementation.

• CISSP, CISA, CRISC, CISM, ISO 27001 Lead Implementer/Auditor, or equivalent.

• Executive presence with excellent written and verbal communication.

• Strong organizational skills and ability to manage high-impact cross-functional projects.

• High attention to detail with a proactive, improvement-oriented mindset. Guiding teams with a cyber risk-focused mindset.

• Translating risk and compliance insights into strategic business input.

• Data-driven decision making with a strong analytical approach.

• Driving security adoption and awareness.

Qualifications

• Bachelor's or Master's degree in Cybersecurity, Information Security, Risk Management, or related fields.

Other Details:

Work Mode: Onsite - Full Time
Location: Karachi
Experience:5+ years
Days: Monday to Friday
Timing: 9 am - 6 pm
Salary: Market Competitive

About HR Ways:

HR Ways is an Award winning Technical Recruitment Firm helping software houses and IT Product companies internationally and locally to find IT Talent. HR Ways is engaged by 300+ Employers worldwide ranging from worlds biggest SaaS Companies to most competitive Startups. We have entities in Dubai, Canada, US, UK, Pakistan, India, Saudi Arabia, Portugal, Brazil and other parts of the world. Join our WhatsApp Channel https://shorturl.at/983azto stay updated or visit www.hrways.co to know more.