isecjobs.com

Senior Consultant - ITSM/BCM

Karachi, Sindh, Pakistan

Full Time Senior-level / Expert USD 58K - 108K * est.
Company logo

Inbox Business Technologies

View all jobs at Inbox Business Technologies

Apply now Apply later

We are seeking a highly experienced Senior Consultant with strong expertise in Information Security Management Systems (ISMS) and IT Governance, Risk, and Compliance (IT GRC). The ideal candidate should have a proven track record of implementing and auditing ISO 27001, developing and designing IT GRC frameworks based on COBIT, NIST, and conducting risk assessments to ensure compliance with industry standards and regulations, like GDPR, SAMA, NESA, NCA, PDPL etc.

ISMS Responsibilities: 

  • Lead the implementation, management, and auditing of ISO 27001-based Information Security Management Systems (ISMS).
  • Perform gap assessments to identify areas of non-compliance and develop corrective action plans.
  • Conduct risk assessments and ensure risk mitigation strategies are aligned with business objectives.
  • Develop and refine ISMS policies, procedures, and controls in compliance with ISO 27001 and other relevant standards.
  • Support clients in achieving and maintaining ISO 27001 certification, including audit readiness.
  • Provide guidance on security incident management and business continuity planning.

IT GRC Responsibilities: 

  • Develop and implement IT governance frameworks based on COBIT, NIST, and other best practices.
  • Conduct IT risk assessments and define risk treatment plans.
  • Ensure compliance with regulatory requirements such as GDPR, NIST, GDPR, and local cybersecurity regulations.
  • Design and implement IT compliance and risk management programs, policies, and controls.
  • Provide advisory services on third-party/vendor risk management.
  • Assist organizations in aligning IT strategy with business objectives through effective governance practices.

Requirements

  • Master’s or Bachelor’s degree in Information Security, Computer Science, or IT-related field.
  • Certifications (preferred): ISO 27001 Lead Implementer / Lead Auditor, CISM, CRISC, CISSP, CISA, or COBIT 2019 Foundation.
  • Experience: Minimum 6–8 years of experience in ISMS and IT GRC consulting, implementation, or auditing.
  • Hands-on experience in conducting ISO 27001 gap assessments, risk assessments, and audits.
  • Strong practical knowledge of IT governance frameworks (COBIT, NIST, ITIL, etc.).
  • Experience in handling regulatory compliance requirements such as GDPR, NIST, and PCI-DSS.
  • Excellent report writing, communication, and stakeholder management skills. 
Apply now Apply later

* Salary range is an estimate based on our InfoSec / Cybersecurity Salary Index 💰

Job stats:  0  0  0
Category: Consulting Jobs

Tags: Audits CISA CISM CISSP COBIT Compliance Computer Science CRISC GDPR Governance ISMS ISO 27001 ITIL NIST Risk assessment Risk management Strategy

Region: Asia/Pacific
Country: Pakistan

More jobs like this

« Back to job search To the top ↑

Explore more career opportunities

Find even more open roles below ordered by popularity of job title or skills/products/technologies used.

Information Security Specialist jobsSenior Cloud Security Engineer jobsInformation System Security Officer jobsSenior Security Analyst jobsSenior Cybersecurity Engineer jobsSystems Administrator jobsInformation Security Manager jobsSystems Engineer jobsSenior Information Security Analyst jobsSenior Network Security Engineer jobsCyber Security Specialist jobsIT Security Engineer jobsIT Security Analyst jobsChief Information Security Officer jobsSecurity Consultant jobsSecurity Specialist jobsInformation System Security Officer (ISSO) jobsSenior Product Security Engineer jobsInformation Systems Security Engineer jobsSenior Cyber Security Engineer jobsSenior Information Security Engineer jobsCyber Threat Intelligence Analyst jobsCyber Security Architect jobsThreat Intelligence Analyst jobsSenior Software Engineer jobs
Java jobsBash jobsTS/SCI jobsEncryption jobsEDR jobsIDS jobsIPS jobsThreat detection jobsTerraform jobsTop Secret jobsSDLC jobsSplunk jobsSQL jobsMalware jobsFinance jobsDocker jobsForensics jobsSOC 2 jobsRMF jobsCompTIA jobsIntrusion detection jobsActive Directory jobsOWASP jobsGIAC jobsITIL jobs
DoDD 8570 jobsVPN jobsHIPAA jobsOSCP jobsAnsible jobsIT infrastructure jobsData Analytics jobsTCP/IP jobsSAP jobsCRISC jobsCCSP jobsUNIX jobsSANS jobsSOAR jobsBanking jobsMITRE ATT&CK jobsSOX jobsJavaScript jobsSecurity strategy jobsClearance Required jobsDNS jobsZero Trust jobsJira jobsMachine Learning jobsPolygraph jobs