GRC Team Member

GRC Team Member Position

• Location: Airport City
• Full-time, with one "work-from-home" day per week

The role involves:

• Writing documents (policies, procedures, and information security guidelines)
• Managing and overseeing information security assessments (including work plans, tracking findings, initiating, and validating actions)
• Operating the intelligence domain
• Managing awareness initiatives
• Conducting risk assessments
• Overseeing the supply chain management process
• Implementing and managing information security controls
• Managing controls related to security updates and hardening implementation, and more
• Collaborating and holding meetings with internal and external stakeholders, such as IT systems, infrastructure teams, project managers, and suppliers

Mandatory:

• Proven experience in the GRC field (2+ years)
• Experience in managing awareness initiatives (2+ years)
• Experience in conducting risk assessments (2+ years)
• Experience in implementing, writing, and managing supply chain processes (2+ years)
• Experience in guiding and managing information security surveys (2+ years)
• Experience in writing procedures, policies, guidelines, and forms (2+ years)
• Familiarity with cybersecurity standards and regulations such as:
• ISO 27001
• Guidelines from the Banking Supervisor
• NIST 853
• Cloud-specific standards and methodologies
• Instructions from the Cyber Defense Authority

Advantages:

• Familiarity with the financial sector
• Knowledge of security update processes
• Understanding of server and endpoint hardening practices