GRC Implementer (Information Security Team)

abra professional services is seeking for an GRC Implementer (Information Security Team)

The GRC Implementer will be part of the Information Security team, responsible for risk management, regulatory and standards compliance, and the implementation of cybersecurity governance processes.

The role involves working with both internal and external stakeholders, supporting information security controls, and participating in projects related to risk management and compliance.

Key Responsibilities:

• Implementing GRC processes across the organization.
• Managing and monitoring information security controls in accordance with organizational policies.
• Supporting the execution of risk assessments for systems and business processes.
• Ensuring compliance with relevant regulations and standards applicable to the organization.
• Assisting in the preparation of internal and external audit materials.
• Working closely with IT teams, Information Security teams, and business units.
• Managing supplier/security questionnaires and addressing findings within the supply chain.
• Overseeing and supervising subsidiary companies from a governance and compliance perspective.
  
  

• Basic familiarity with information security standards such as ISO 27001, NIST, and PCI-DSS.
• Basic understanding of Governance, Risk Management, and Compliance (GRC) concepts.
• Proficiency in Microsoft Office applications.
• Strong teamwork skills and good interpersonal communication abilities.
  
  

• Bachelor’s degree in Information Systems, Computer Science, Information Technology Management, or relevant professional training in information security.
• Experience working with GRC systems/tools.
• Information security certifications such as CISO Fundamentals or ISO 27001 Lead Implementer.
• Knowledge of data privacy regulations, including GDPR and local data protection laws.
  
  

• Strong analytical skills and ability to understand organizational processes.
• High level of organization and attention to detail.
• Ability to learn independently.
• Service-oriented mindset and ability to work with multiple stakeholders and interfaces.