Create Alert
Share this Job

Senior Cyber Security GRC Specialist

Apply now »

Date: May 23, 2023

Location: Dubai, AE

Company: Geidea

 

Job purpose:   

The purpose of this role is to assist in the implementation of compliance programs and guidelines, drafting policies and procedures, reporting and incidents’ response to ensure smooth implementation of cybersecurity activities across all regions in Geidea

Key accountabilities and decision ownership: (max of 7 accountabilities not main or daily duties or tasks)

  • Assist in implementation of Information Security Management System in compliance with SAMA CSF, PCI-DSS and ISO 27001 across organization.
  • Assist in implementation of PCI DSS compliance
  • Assist in drafting, maintaining, and enforcing policies, procedures and controls in accordance with PCI DSS.
  • Coordinate and formulate detailed reports of ISMS internal reviews and periodic PCI DSS reviews.
  • Execute periodic activities as required for achieving compliance of PCI DSS/ISO 27001.
  • Coordinate and assist various teams in closure of ISMS findings internal review report and PCI DSS gaps.
  • Assist and coordinate with various teams in annual external audits of PCI DSS.
  • Assist and support in achieving PCI DSS compliance for upcoming projects and various teams in IT.
  • Conduct organization wide information security awareness training.
  •  Assist in security incident response and RCA activities.

Geidea’s Values:

  • Customer first
  • Open
  • Real
  • Bold
  • Resilient
  • Collaborative

Must have technical / professional qualifications (knowledge & Skills level of presence in the job (High/Medium/Low)

  • Minimum 3-5 years of experience for the Junior role and 8+ years for senior
  • Bachelor’s degree in Computer Science, Information Technology, Telecommunications, Electronics & Electrical or any related field.
  • Certifications:
  • ISO 27001 LA/LI
  •  PCI DSS
  • CISA/CRISC/CISSP
  • CEH
  • ITIL Foundation
  • CompTIA Security+
  • Firewalls certifications
  • Experience in information security and application security controls
  • Exposure to methodologies, such as OWASP is preferred.
  • Sound experience in PCI-DSS, SAMA Cyber Security Framework remediation and certification audit.
  • Knowledge and understanding of Information Security related risk assessments framework such as SAMA, OCTAVE, COBIT, ISO 27005 and NIST 800-30.
  •  Ability to perform internal information security reviews and face external

audits.

  •  Sound understanding and knowledge of firewall rules, security architecture, infrastructure, and application hardening.
  • Sound experience in Implementing ISMS, performing internal reviews,

 drafting and enforcing policies in accordance with SAMA Cyber Security

Framework, ISO 27001, and PCI-DSS.

  •  Exposure to the financial Sector Is preferred.
  • Core Skills required:
    -Problem Solving: High
    -Leadership: Low
    -Interpersonal Skills: High
  • Other job specific core skills (Head- Hand – Heart)
  • Communication skills: High
  • Analytical skills: High

Financial Factors of the Job: Define the financial responsibility for the Job. [This may not be applicable for all Jobs].

  • None

Key Success Factors (max of 5 Key Success Factors, should be numbers or % to be measured)

 

  • Maintain SAMA CSF KPIs with all stakeholders
  • Maintain the PCI compliance activities assigned quarterly

Operational Factors of the Job (Level of presence in the job (High/Medium/Low):

  • Decision Making: Medium
  • Execution: High
  • Customers' Interaction & Experience: Medium
  • Products / Services Interaction: High
  • Impact of the job: Medium

Structural Metrics of the Job:

  • Number of direct reports: None
  • Number of non- direct reports (dotted) None
  • The layer of this job in the organization structure N-3
  • Communication framework of the job:
  • Internally with:
  • All departments
  • Externally with:
  • Customers, when needed
  • External auditors

Work Conditions: very important to define the job complexity and special conditions which might affect the grading level … e.g. from electrical work, work at heights, driving, working at night, risks to sight, extensive travel is required, etc.

 

  • In-doors:100%
  • Out-doors: 0%
  • Work Hazards: Normal
  • Working Days: 5 Working Days
  • Shift Based : No
  • Days Off:2 Days Off
  • Working Hours: 48 Hours