
GRC Specialist
7 days ago
Job Summary:
We are seeking a skilled Information Security Specialist to develop, implement, and maintain an Information Security Management System (ISMS) in line with ISO 27001 standards. The role involves collaborating with internal stakeholders and third-party security partners to establish robust security policies, implement GRC (Governance, Risk, and Compliance) controls, and conduct regular security assessments to protect the organization's systems and data.
Key Responsibilities:
ISMS & Security Governance:
- Develop and implement an Information Security Management System (ISMS) aligned with ISO 27001.
- Coordinate with third-party security partners to develop corporate information security policies and standards and ensure continuous monitoring of security controls, KRIs, and KPIs.
- Ensure compliance with industry security frameworks, including NIST CSF & CIS Critical Security Controls.
- Assist in the implementation of GRC controls and measures, performing audits and assessments to mitigate security risks.
- Identify, communicate, and manage emerging security threats and vulnerabilities with key stakeholders.
- Implement firewalls, endpoint security, SIEM, SOC, EDR/XDR, and mobility management tools to enhance security.
- Conduct risk assessments, security audits, vulnerability scans, and penetration tests to validate security effectiveness.
- Work with internal IT teams to adopt security best practices and ensure compliance with security policies.
- Monitor security systems and network performance to detect irregular activity and potential security incidents.
- Collaborate with Managed Security Service Providers (MSSP) to conduct and review security assessments, including penetration testing and vulnerability scanning.
- Use data encryption, firewalls, and security applications to protect digital information.
- Validate IT infrastructure and recommend security enhancements to reduce risks and strengthen security posture.
- Work with third-party security partners and internal IT teams to develop Business Continuity and Disaster Recovery (BCDR) Plans and conduct regular drills.
- Review, establish, and implement effective disaster recovery strategies.
- Conduct information security awareness training for employees and ensure adherence to security best practices.
- Promote a security-first culture within the organization.
- Bachelor's degree in Computer Science, Information Security, or a related field.
- 3+ years of experience in information security operations, risk management, and compliance.
- Strong understanding of ISO 27001, NIST CSF, CIS Critical Security Controls, ITIL, and COBIT.
- Expertise in firewalls, endpoint security, SIEM, SOC, EDR/XDR, mobility management, vulnerability scanning, and penetration testing.
- Certified professionals preferred (CISSP, CISM, CISA, ISO 27001 Lead Implementer/Auditor).
- Experience working with certified security professionals, auditors, and SOC analysts.
- Strong analytical, problem-solving, and communication skills.
- Knowledge of cloud security, DevSecOps, and threat intelligence.
- Experience in working with security vendors, MSSPs, and security consulting firms.
- Ability to design and implement risk treatment plans for complex security environments.
- Opportunity to work with cutting-edge security technologies and industry best practices.
- Collaborative and fast-paced work environment.
- Continuous learning and professional growth opportunities.
If you have a passion for cybersecurity and want to play a critical role in safeguarding an organization's digital assets, we'd love to hear from you.
Apply Now
Recruitment@descon.com
Seniority level:
- Mid-Senior level
- Full-time