GRC Specialist

8 hours ago


Lahore, Punjab, Pakistan Descon Full time

Direct message the job poster from Descon

HR Professional | Talent Acquisition | Employee Engagement | Workforce Planning | Talent Management | Recruitment Strategy | Performance Management |…

Job Summary:

We are seeking a skilled Information Security Specialist to develop, implement, and maintain an Information Security Management System (ISMS) in line with ISO 27001 standards. The role involves collaborating with internal stakeholders and third-party security partners to establish robust security policies, implement GRC (Governance, Risk, and Compliance) controls, and conduct regular security assessments to protect the organization's systems and data.

Key Responsibilities:ISMS & Security Governance:
  • Develop and implement an Information Security Management System (ISMS) aligned with ISO 27001.
  • Coordinate with third-party security partners to develop corporate information security policies and standards and ensure continuous monitoring of security controls, KRIs, and KPIs.
  • Ensure compliance with industry security frameworks, including NIST CSF & CIS Critical Security Controls.
  • Assist in the implementation of GRC controls and measures, performing audits and assessments to mitigate security risks.
Risk Management & Compliance:
  • Identify, communicate, and manage emerging security threats and vulnerabilities with key stakeholders.
  • Implement firewalls, endpoint security, SIEM, SOC, EDR/XDR, and mobility management tools to enhance security.
  • Conduct risk assessments, security audits, vulnerability scans, and penetration tests to validate security effectiveness.
  • Work with internal IT teams to adopt security best practices and ensure compliance with security policies.
Security Operations & Incident Management:
  • Monitor security systems and network performance to detect irregular activity and potential security incidents.
  • Collaborate with Managed Security Service Providers (MSSP) to conduct and review security assessments, including penetration testing and vulnerability scanning.
  • Use data encryption, firewalls, and security applications to protect digital information.
  • Validate IT infrastructure and recommend security enhancements to reduce risks and strengthen security posture.
Business Continuity & Disaster Recovery:
  • Work with third-party security partners and internal IT teams to develop Business Continuity and Disaster Recovery (BCDR) Plans and conduct regular drills.
  • Review, establish, and implement effective disaster recovery strategies.
Security Awareness & Training:
  • Conduct information security awareness training for employees and ensure adherence to security best practices.
  • Promote a security-first culture within the organization.
Qualifications & Experience:
  • Bachelor's degree in Computer Science, Information Security, or a related field.
  • 3+ years of experience in information security operations, risk management, and compliance.
  • Strong understanding of ISO 27001, NIST CSF, CIS Critical Security Controls, ITIL, and COBIT.
  • Expertise in firewalls, endpoint security, SIEM, SOC, EDR/XDR, mobility management, vulnerability scanning, and penetration testing.
  • Certified professionals preferred (CISSP, CISM, CISA, ISO 27001 Lead Implementer/Auditor).
  • Experience working with certified security professionals, auditors, and SOC analysts.
  • Strong analytical, problem-solving, and communication skills.
Preferred Skills:
  • Knowledge of cloud security, DevSecOps, and threat intelligence.
  • Experience in working with security vendors, MSSPs, and security consulting firms.
  • Ability to design and implement risk treatment plans for complex security environments.
Why Join Us?
  • Opportunity to work with cutting-edge security technologies and industry best practices.
  • Collaborative and fast-paced work environment.
  • Continuous learning and professional growth opportunities.

If you have a passion for cybersecurity and want to play a critical role in safeguarding an organization's digital assets, we'd love to hear from you

Apply Now

Recruitment@descon.com

Seniority level
  • Mid-Senior level
Employment type
  • Full-time
#J-18808-Ljbffr
  • GRC Specialist

    5 hours ago


    Lahore, Punjab, Pakistan beBee Careers Full time

    Governance, Risk, and Compliance (GRC) SpecialistWe are seeking a detail-oriented GRC Specialist to ensure our organization complies with relevant regulations, standards, and internal policies while maintaining robust governance and risk frameworks. The ideal candidate will bring 3–5 years of experience in GRC with a strong focus on policy drafting, risk...


  • Lahore, Punjab, Pakistan beBee Careers Full time

    Job Title: GRC Framework SpecialistWe are seeking a skilled professional to develop and implement effective governance, risk, and compliance (GRC) frameworks and policies.Key Responsibilities:Design and implement robust GRC frameworks to ensure regulatory compliance.Conduct regular risk assessments to identify potential threats and opportunities.Provide...


  • Lahore, Punjab, Pakistan Tkxel LLC Full time

    Governance, Risk, and Compliance (GRC) SpecialistTkxel is a leading software development company located in Reston, Virginia. We are committed to developing innovative software solutions for leading enterprises in the world, helping them grow their businesses using the latest technology solutions.Job DescriptionWe are seeking a motivated and detail-oriented...


  • Lahore, Punjab, Pakistan beBee Careers Full time

    About the JobWe are seeking a skilled Information Security Specialist to join our team and play a critical role in safeguarding our organization's digital assets. The successful candidate will be responsible for developing and implementing an Information Security Management System (ISMS) in line with ISO 27001 standards, ensuring compliance with industry...


  • Lahore, Punjab, Pakistan beBee Careers Full time

    Job SummaryWe are seeking a skilled Information Security Specialist to develop, implement, and maintain an Information Security Management System (ISMS) in line with ISO 27001 standards. The role involves collaborating with internal stakeholders and third-party security partners to establish robust security policies, implement GRC controls, and conduct...


  • Lahore, Punjab, Pakistan Techhive Full time

    We are looking for an experienced ServiceNow Implementation Specialist to lead the development, configuration, and implementation of multiple ServiceNow solutions. The ideal candidate will have extensive expertise in ServiceNow platforms, system integration, and front-end development, ensuring high-quality project delivery and client satisfaction.Key...


  • Lahore, Punjab, Pakistan beBee Careers Full time

    Digital Transformation LeadWe are looking for a highly skilled ServiceNow Implementation Specialist to develop, configure, and implement multiple ServiceNow solutions. The ideal candidate will have extensive expertise in ServiceNow platforms, system integration, and front-end development, ensuring high-quality project delivery and client...


  • Lahore, Punjab, Pakistan beBee Careers Full time

    Job DescriptionWe are seeking a skilled professional to develop, implement, and maintain an Information Security Management System (ISMS) in line with ISO 27001 standards.Key ResponsibilitiesDevelop and implement an ISMS aligned with industry security frameworks, including NIST CSF & CIS Critical Security Controls.Coordinate with stakeholders to establish...


  • Lahore, Punjab, Pakistan beBee Careers Full time

    ServiceNow Implementation ProfessionalWe are looking for a skilled ServiceNow Implementation Specialist to lead the development, configuration, and implementation of multiple ServiceNow solutions. The ideal candidate will have extensive expertise in ServiceNow platforms, system integration, and front-end development, ensuring high-quality project delivery...


  • Lahore, Punjab, Pakistan beBee Careers Full time

    ServiceNow Technical LeadWe are seeking a highly skilled ServiceNow Implementation Specialist to develop, configure, and implement multiple ServiceNow solutions. The ideal candidate will have extensive expertise in ServiceNow platforms, system integration, and front-end development, ensuring high-quality project delivery and client satisfaction.Main...