Cyber Security GRC

Our client company is one of UAE's largest compliance companies.Job Description:

As part of our cybersecurity team, the Cybersecurity GRC Officer/Manager will play a strategic role in shaping and enforcing governance, risk, and compliance practices across our digital and operational landscape. This position is responsible for ensuring our cybersecurity controls, frameworks, and risk strategies meet evolving regulatory requirements and industry standards. The ideal candidate will bring both deep technical understanding and pragmatic leadership to align GRC initiatives with broader business and security goals.

Duties and Responsibilities

• Design, implement, and maintain cybersecurity governance policies and documentation.
• Oversee internal governance structures ensuring consistency with international standards and business objectives.
• Provide policy leadership on emerging compliance areas such as AI governance and cloud-specific standards.
• Lead risk assessments and threat modeling exercises focused on cybersecurity and third-party risks.
• Maintain a dynamic risk register, ensuring mitigation strategies are timely and actionable.
• Advise the leadership team on cybersecurity risk appetite and priority initiatives.
• Manage compliance with standards including ISO 27001, PCI-DSS, SOC 2, CIS Controls, NIST CSF, and SANS. Ensure alignment with regional and international regulations (e.g., GDPR, CBUAE, SAMA, CMA).
• Coordinate and lead audit readiness efforts; manage relationships with external auditors and assessors.
• Work closely with security operations and engineering teams to validate control effectiveness.
• Recommend improvements to technical security controls (firewalls, SIEM, DLP, endpoint protection).
• Stay current with threat intelligence and advise on proactive defenses and incident readiness.
• Contribute to incident response planning and lead compliance-related post-incident reviews.
• Provide comprehensive risk and compliance reporting to executive leadership.
• Develop role-specific cybersecurity and GRC training modules. Promote a culture of cybersecurity awareness across departments and geographies.
• Availability outside business hours may be required during security incidents or audits.
• The role supports a fully remote, globally distributed environment.

Experience (essential to any successful application)

• Minimum 3 years in GRC roles with direct engagement in cybersecurity domains.
• Demonstrated experience with compliance management and cybersecurity operations.
• Familiarity with international and regional regulators, including those in the GCC and Europe.

Skills

• In-depth knowledge of cybersecurity architecture and tools (e.g., SIEM, IDS/IPS, DLP).
• Proficient in risk frameworks like ISO 27005, NIST SP 800-30, FAIR. Able to bridge compliance frameworks with technical implementation.
• CISSP, CISA, CRISC, CISM, ISO 27001 Lead Implementer/Auditor, or equivalent certifications.
• Excellent written and verbal communication with an executive presence.
• Strong organizational skills and ability to manage high-impact cross-functional projects.
• High attention to detail with a proactive, improvement-oriented mindset. Ability to guide teams with a cyber risk-focused approach.
• Ability to translate risk and compliance insights into strategic business decisions.
• Data-driven decision making with a strong analytical mindset.
• Driving security adoption and awareness.

Qualifications

• Bachelor's or Master's degree in Cybersecurity, Information Security, Risk Management, or related fields.

Other Details:

• Work Mode: Onsite - Full Time
• Location: Karachi
• Experience: 5+ years
• Days: Monday to Friday
• Timing: 9 am - 6 pm
• Salary: Market Competitive

About HR Ways:

HR Ways is an award-winning technical recruitment firm helping software houses and IT product companies internationally and locally to find IT talent. We are engaged by 300+ employers worldwide, ranging from the world's biggest SaaS companies to the most competitive startups. We have entities in Dubai, Canada, US, UK, Pakistan, India, Saudi Arabia, Portugal, Brazil, and other parts of the world. Join our WhatsApp Channel https://shorturl.at/983azto to stay updated or visit www.hrways.co to learn more.

#J-18808-Ljbffr

---