GRC Specialist

4 weeks ago


Lahore, Punjab, Pakistan Descon Full time

Direct message the job poster from Descon

HR Professional | Talent Acquisition | Employee Engagement | Workforce Planning | Talent Management | Recruitment Strategy | Performance Management |…

Job Summary:

We are seeking a skilled Information Security Specialist to develop, implement, and maintain an Information Security Management System (ISMS) in line with ISO 27001 standards. The role involves collaborating with internal stakeholders and third-party security partners to establish robust security policies, implement GRC (Governance, Risk, and Compliance) controls, and conduct regular security assessments to protect the organization's systems and data.

Key Responsibilities:ISMS & Security Governance:
  • Develop and implement an Information Security Management System (ISMS) aligned with ISO 27001.
  • Coordinate with third-party security partners to develop corporate information security policies and standards and ensure continuous monitoring of security controls, KRIs, and KPIs.
  • Ensure compliance with industry security frameworks, including NIST CSF & CIS Critical Security Controls.
  • Assist in the implementation of GRC controls and measures, performing audits and assessments to mitigate security risks.
Risk Management & Compliance:
  • Identify, communicate, and manage emerging security threats and vulnerabilities with key stakeholders.
  • Implement firewalls, endpoint security, SIEM, SOC, EDR/XDR, and mobility management tools to enhance security.
  • Conduct risk assessments, security audits, vulnerability scans, and penetration tests to validate security effectiveness.
  • Work with internal IT teams to adopt security best practices and ensure compliance with security policies.
Security Operations & Incident Management:
  • Monitor security systems and network performance to detect irregular activity and potential security incidents.
  • Collaborate with Managed Security Service Providers (MSSP) to conduct and review security assessments, including penetration testing and vulnerability scanning.
  • Use data encryption, firewalls, and security applications to protect digital information.
  • Validate IT infrastructure and recommend security enhancements to reduce risks and strengthen security posture.
Business Continuity & Disaster Recovery:
  • Work with third-party security partners and internal IT teams to develop Business Continuity and Disaster Recovery (BCDR) Plans and conduct regular drills.
  • Review, establish, and implement effective disaster recovery strategies.
Security Awareness & Training:
  • Conduct information security awareness training for employees and ensure adherence to security best practices.
  • Promote a security-first culture within the organization.
Qualifications & Experience:
  • Bachelor's degree in Computer Science, Information Security, or a related field.
  • 3+ years of experience in information security operations, risk management, and compliance.
  • Strong understanding of ISO 27001, NIST CSF, CIS Critical Security Controls, ITIL, and COBIT.
  • Expertise in firewalls, endpoint security, SIEM, SOC, EDR/XDR, mobility management, vulnerability scanning, and penetration testing.
  • Certified professionals preferred (CISSP, CISM, CISA, ISO 27001 Lead Implementer/Auditor).
  • Experience working with certified security professionals, auditors, and SOC analysts.
  • Strong analytical, problem-solving, and communication skills.
Preferred Skills:
  • Knowledge of cloud security, DevSecOps, and threat intelligence.
  • Experience in working with security vendors, MSSPs, and security consulting firms.
  • Ability to design and implement risk treatment plans for complex security environments.
Why Join Us?
  • Opportunity to work with cutting-edge security technologies and industry best practices.
  • Collaborative and fast-paced work environment.
  • Continuous learning and professional growth opportunities.

If you have a passion for cybersecurity and want to play a critical role in safeguarding an organization's digital assets, we'd love to hear from you

Apply Now

Recruitment@descon.com

Seniority level
  • Mid-Senior level
Employment type
  • Full-time
#J-18808-Ljbffr

  • Lahore, Punjab, Pakistan beBee Careers Full time

    Information Security RoleWe are seeking a skilled Information Security Specialist to develop, implement, and maintain an Information Security Management System (ISMS) in line with ISO 27001 standards. The role involves collaborating with internal stakeholders and third-party security partners to establish robust security policies, implement GRC (Governance,...


  • Lahore, Punjab, Pakistan beBee Careers Full time

    Governance, Risk, and Compliance SpecialistWe are looking for a highly motivated and detail-oriented GRC Specialist to join our team. The ideal candidate will have a strong background in policy drafting, risk assessments, compliance management, and implementation of best practices. This position requires an individual with 3–5 years of experience in GRC...


  • Lahore, Punjab, Pakistan beBee Careers Full time

    Compliance and Governance Expert:As a Governance, Risk and Compliance Manager, you will be responsible for ensuring that an organization operates within a framework of effective governance, risk management, and compliance. This involves managing GRC processes, developing and implementing frameworks and policies, monitoring compliance with applicable laws and...


  • Lahore, Punjab, Pakistan Tkxel LLC Full time

    Governance, Risk, and Compliance (GRC) SpecialistTkxel is a leading software development company located in Reston, Virginia. We are committed to developing innovative software solutions for leading enterprises in the world, helping them grow their businesses using the latest technology solutions.Job DescriptionWe are seeking a motivated and detail-oriented...


  • Lahore, Punjab, Pakistan beBee Careers Full time

    Governance, Risk, and Compliance (GRC) ProfessionalWe are seeking an experienced GRC Specialist to ensure the organization's compliance with relevant regulations, standards, and internal policies. The ideal candidate will bring 3–5 years of experience in policy drafting, risk assessments, compliance management, and implementation of best practices.This...


  • Lahore, Punjab, Pakistan beBee Careers Full time

    Senior Cybersecurity PositionThis Information Security Specialist position is focused on developing, implementing, and maintaining an Information Security Management System (ISMS) aligned with ISO 27001 standards. The role involves working with internal stakeholders and third-party security partners to establish robust security policies and implement GRC...


  • Lahore, Punjab, Pakistan beBee Careers Full time

    Cybersecurity ProfessionalThis Information Security Specialist role requires collaboration with internal stakeholders and third-party security partners to establish robust security policies, implement GRC controls, and conduct regular security assessments. This includes developing and implementing an Information Security Management System (ISMS) in line with...


  • Lahore, Punjab, Pakistan MedCare MSO Global Full time

    Direct message the job poster from MedCare MSO GlobalMedcare MSO is one of the largest USA-based Healthcare IT organization in Pakistan, with 950+ people on board. We implement best practices and adopt state-of-the-art technology tools to achieve results. We are seeking an experienced Cyber Security Manager with a strong background in both the...


  • Lahore, Punjab, Pakistan beBee Careers Full time

    We are seeking a skilled Cyber Security Presales Engineer to join our team. As a key member of our organization, you will be responsible for delivering customized cybersecurity solutions to clients.The ideal candidate will have a strong understanding of cybersecurity frameworks, regulations, and best practices. They will also possess experience with SIEM,...


  • Lahore, Punjab, Pakistan Kamal Textiles (Pvt) Full time

    Direct message the job poster from Kamal Textiles (Pvt)Business & Operations Management SpecialistCompany DescriptionKamal is a leading name in the world of Home Fashion Products and Knitted Garments, with a strong presence across the globe. The company serves clients from Brazil to Japan, impacting leading retailers in apparel and home fashion products.Role...