Associate Consultant - ISMS & IT GRC

Inbox Business Technologies is seeking a motivated and enthusiastic Associate Consultant with a foundational understanding of Information Security Management Systems (ISMS) and IT Governance, Risk, and Compliance (IT GRC). Having good knowledge about NIST, SAMA, NCA etc., would be an added advantage. The ideal candidate will support senior team members in implementing security frameworks, ensuring compliance with industry standards, and managing IT risks.

Responsibilities

ISMS Responsibilities: 

• Assist in the implementation and maintenance of ISMS frameworks aligned with ISO 27001 standards. 
• Support risk assessments, vulnerability analyses, and gap assessments to identify security weaknesses. 
• Help develop and enforce information security policies, procedures, and controls. 
• Participate in internal audits and assist clients in preparing for external certification audits. 

IT GRC Responsibilities: 

• Assist in developing IT governance frameworks based on COBIT, NIST, and ITIL. 
• Support IT risk assessments, compliance audits, and regulatory reporting activities. 
• Help clients align IT strategies with business goals while ensuring compliance with regulations like GDPR, HIPAA, SOX, etc. 
• Assist in developing IT governance frameworks based on COBIT, NIST, and ITIL. 

Requirements

• Minimum Bachelor’s degree in Information Security, Computer Science, or a related field.
• Professional certifications such as ISO 27001 Foundation, COBIT Foundation, ITIL Foundation, CISM (preferred but not mandatory).
• 1-2 years of experience in ISMS and IT GRC or related roles.
• Strong documentation, report writing, and communication skills is a must.