IT Business Analyst - Governance, Risk and Compliance (ISO 27001)
Dubai, DU, United Arab Emirates
Expleo
Expleo is a trusted partner for end-to-end, integrated engineering, quality services and management consulting for digital transformation.
Overview
IT Business Analyst - Governance, Risk and Compliance (ISO 27001)
Responsibilities
- GRC Framework Implementation:
Supporting the implementation and maintenance of GRC frameworks (like ISO 27001, SOC 2, NIST, etc.) within the organization.
- Compliance Monitoring:
Tracking and monitoring compliance with relevant laws, regulations, and industry standards.
- Risk Assessment and Mitigation:
Identifying, assessing, and mitigating IT-related risks, working with stakeholders to develop and implement risk mitigation strategies.
- Policy and Procedure Development:
Contributing to the development and maintenance of information security policies, procedures, and related documentation.
- Data Analysis and Reporting:
Analyzing data related to GRC activities, creating reports, and providing insights to support decision-making.
- Stakeholder Collaboration:
Collaborating with IT, legal, and other business units to integrate GRC requirements into business processes.
- Training and Awareness:
Contributing to the development and delivery of training programs to enhance awareness of GRC principles and practices.
- Process Improvement:
Identifying opportunities to improve the efficiency and effectiveness of GRC processes.
Qualifications
UG or PG
Essential skills
- Strong analytical and problem-solving skills: Ability to analyze complex data, identify issues, and develop solutions.
- Excellent communication and interpersonal skills: Ability to communicate effectively with both technical and non-technical stakeholders.
- Knowledge of GRC frameworks and regulations: Understanding of relevant standards like ISO 27001, NIST, GDPR, etc.
- Experience with GRC tools: Familiarity with GRC software and platforms.
- Business acumen: Understanding of business processes and how they relate to GRC.
- Project management skills: Ability to manage projects related to GRC initiatives.
- Data analysis and reporting skills: Ability to analyze data, create reports, and present findings.
- Technical background: While not always required, a basic understanding of IT systems and infrastructure is often helpful.
Desired skills
- Past project experience in UAE/Middle East projects
Experience
11+ years
Tags: Compliance GDPR Governance ISO 27001 Monitoring NIST Risk assessment SOC SOC 2