Senior Cyber GRC Analyst I

11 hours ago


Karachi, Sindh, Pakistan Careem Full time

Careem is building the Everything App for the greater Middle East, making it easier than ever to move around, order food and groceries, manage payments, and more. Careem is led by a powerful purpose to simplify and improve the lives of people and build an awesome organisation that inspires. Since 2012, Careem has created earnings for over 2.5 million Captains, simplified the lives of over 70 million customers, and built a platform for the region's best talent to thrive and for entrepreneurs to scale their businesses. Careem operates in over 70 cities across 10 countries, from Morocco to Pakistan.

Careem is looking for a Senior Cyber GRC Analyst to join our GRC team. The ideal candidate will have hands-on experience implementing PCI DSS requirements and ISO 27001 standards, including leading or supporting end-to-end certification efforts. This role requires close collaboration with both business and technical teams across the global organization to execute the Information Security Governance, Risk & Compliance (GRC) strategy, extending and tailoring processes as needed to help identify, assess, and manage information security risks to an acceptable level.

What you'll do

  • Support the influence and adoption of Information Security controls, standards, policies, procedures, and communications across the organization
  • Work closely with the GRC Manager to advise global process owners on necessary Information Security controls for risk mitigation, in alignment with the InfoSec Risk & Controls framework and relevant regulatory and industry standards
  • Be proficient in developing and delivering comprehensive Information Security assessments, metrics and reporting tailored for various leadership levels
  • Contribute to the planning and coordination of Information Security awareness and training programs across Careem's global business units and subsidiaries
  • Demonstrated hands-on experience in implementing and aligning with regulatory and industry standards, including the PCI DSS, ISO 27001 and NIST Cybersecurity Framework (CSF), with a proven track record of supporting or leading certification and audit readiness efforts
  • Collaborates with Procurement, Data Privacy, and Legal teams to ensure that information security requirements and contractual protections are adequately addressed in all third-party vendor agreements, particularly where sensitive or regulated data is involved
  • Maintains and contributes to the Information Security Risk Register, ensuring all risks are accurately identified, assessed, documented, and tracked with clear mitigation plans aligned to organizational risk appetite
  • Advises and supports business units in identifying, understanding, and managing IT and Security risks, promoting a risk-aware culture and enabling informed decision-making across technical and non-technical stakeholders

Qualification

A degree in Computer Science, Computer Engineering or Electrical Engineering or obtained relevant security certifications

What you'll need

  • 5-8 years of experience in Information Security Governance, Risk and Compliance
  • 1-2 years of experience in managing security-related projects
  • In-depth familiarity with security policies based on industry standards and best practices
  • Experience working with AWS services
  • Ability to lead and communicate efficiently within a team environment
  • Advanced technical writing skills
  • Strong attention to detail
  • Problem-solving
  • Time management

What we'll provide you

We offer colleagues the opportunity to drive impact in the region while they learn and grow. As a full time Careem colleague, you will be able to:

  • Work and learn from great minds by joining a community of inspiring colleagues.
  • Put your passion to work in a purposeful organisation dedicated to creating impact in a region with a lot of untapped potential.
  • Explore new opportunities to learn and grow every day.
  • Work 4 days a week in office & 1 day from home, and remotely from any country in the world for 30 days a year with unlimited vacation days per year. (If you are in an individual contributor role in tech, you will have 2 office days a week and 3 to work from home.)
  • Access to healthcare benefits and fitness reimbursements for health activities including gym, health club, and training classes.

#J-18808-Ljbffr
  • Data Analyst I

    1 day ago


    Karachi, Sindh, Pakistan beBee Careers Full time

    Job Title: Data Analyst IAs a key member of the analytics team, you will be responsible for providing actionable insights and driving business decisions. You will work closely with top analysts to leverage modern tools and solve complex problems.


  • Karachi, Sindh, Pakistan beBee Careers Full time

    Information Security Governance SpecialistCareer Opportunity in Information Security Governance, Risk and ComplianceWe are seeking an experienced Information Security Governance Specialist to join our team. The ideal candidate will have hands-on experience implementing PCI DSS requirements and ISO 27001 standards.The role requires close collaboration with...


  • Karachi, Sindh, Pakistan Careem Networks FZ LLC Full time

    Senior Cyber Security Operations Engineer ICareem is building the Everything App for the greater Middle East, making it easier than ever to move around, order food and groceries, manage payments, and more. Careem is led by a powerful purpose to simplify and improve the lives of people and build an awesome organisation that inspires. Since 2012, Careem has...

  • consultant - grc

    1 day ago


    Karachi, Sindh, Pakistan Risk Associates - EMEA & Asia Full time

    Join to apply for the CONSULTANT - GRC role at Risk Associates - EMEA & AsiaGet AI-powered advice on this job and more exclusive features.Key ResponsibilitiesLead Cybersecurity assessments, including risk assessments, vulnerability assessments, and compliance audits, to evaluate clients' Cybersecurity posture.Develop and implement Cybersecurity frameworks,...


  • Karachi, Sindh, Pakistan beBeeCybersecurity Full time

    Job Title: Cyber Security Operations ExpertCyber Security Operations ExpertThis is a high-level role in our organization that requires the candidate to have extensive knowledge of security operations. The successful candidate will be responsible for leading the development of actionable use cases to detect, triage, investigate and remediate based on latest...

  • Business Analyst

    3 weeks ago


    Karachi, Sindh, Pakistan Cyber Internet Services Private Ltd. Full time

    Direct message the job poster from CYBERNET| HR Specialist | HR Operations | Lakson Group | Cybernet | StormFiber | LBS - Lakson Business Solutions | Ex The Indus Hospital | Ex SBT Co. Ltd |…About the jobWe are looking for a talented Business Analyst to join our growing teamWHAT YOU WILL BE DOING:Strong concepts of OOP (Object Oriented Programming) and...

  • Senior IT Auditor

    1 day ago


    Karachi, Sindh, Pakistan beBee Careers Full time

    Assistant Manager/Manager Technology & Cyber Risk AdvisoryAs a highly skilled professional, you will lead IT audit engagements, ensuring compliance with global and local standards. This role is ideal for individuals who possess strong knowledge of IT frameworks, control standards, and best practices.Key Responsibilities:Conduct risk assessments and identify...


  • Karachi, Sindh, Pakistan Abroad Work Full time

    Information Security Analyst vacancy in Karachi, PakistanJunior Information Security AnalystWe are seeking a highly motivated Junior Information Security Analyst to join our team in Karachi. As a Junior Information Security Analyst, you will work with senior analysts to protect our company's data and systems from cyber threats. This is an excellent...


  • Karachi, Sindh, Pakistan Yousuf Adil, Chartered Accountants Full time

    Assistant Manager/Manager Technology & Cyber Risk AdvisoryYousuf Adil Chartered Accountants is looking for the position of "Assistant Manager/Manager TCRA" within Technology and Cyber Risk Advisory Service line for its Karachi & Islamabad office.Responsibilities:Leading IT audit engagements, ensuring compliance with global and local standards.Performing risk...


  • Karachi, Sindh, Pakistan VRG (Pvt) Ltd. Full time

    Job Description:Dear All,We are seeking a highly skilled and experienced Manager Cyber Security – Financial Services to lead and enhance our cybersecurity strategy, governance, risk management, and incident response in the financial services sector. The ideal candidate will be responsible for ensuring the security, confidentiality, integrity, and...