Cybersecurity Governance, Risk & Compliance (GRC) Specialist
ITHR Technologies Consulting LLC
Date: 3 hours ago
City: Dubai
Contract type: Full time
Job Description: Cybersecurity Governance, Risk & Compliance (GRC) Specialist
Job Title
Cybersecurity GRC Specialist
Location
Dubai, UAE (Hybrid / Onsite)
Employment Type
Full-Time
About ProofOps
ProofOps is a cybersecurity services company focused on strengthening digital resilience through managed security operations, incident response, vulnerability management, penetration testing, threat intelligence, attack surface management, and cybersecurity consulting services. The company helps organizations establish robust security programs, manage cyber risk, and maintain compliance with industry standards and regulatory requirements.
Role Overview
We are seeking an experienced Cybersecurity Governance, Risk & Compliance (GRC) Specialist to lead and support cybersecurity governance initiatives, risk management programs, compliance assessments, and security framework implementation across client environments.
The ideal candidate will possess strong knowledge of cybersecurity standards, regulatory requirements, risk assessment methodologies, and information security governance practices. This role will work closely with clients, technical teams, and business stakeholders to ensure cybersecurity risks are effectively managed and compliance obligations are met.
Key Responsibilities
Governance & Security Frameworks
Develop, implement, and maintain cybersecurity governance programs.
Establish and manage Information Security Management Systems (ISMS).
Support implementation and maturity assessments for frameworks such as:
ISO 27001
NIST Cybersecurity Framework (CSF)
NIST 800-53
CIS Controls
PCI DSS
GDPR
UAE Information Assurance Standards
NIS2 And Other Regional Regulatory Requirements Where Applicable.
Develop cybersecurity policies, procedures, standards, and guidelines.
Risk Management
Conduct enterprise cybersecurity risk assessments.
Perform risk identification, analysis, treatment, and reporting.
Maintain organizational risk registers and risk treatment plans.
Facilitate business impact assessments and control effectiveness reviews.
Present risk findings and recommendations to management and clients.
Compliance & Audit Management
Conduct compliance gap assessments and readiness reviews.
Support internal and external audits.
Coordinate evidence collection and remediation activities.
Track compliance obligations and regulatory requirements.
Develop compliance dashboards and executive reports.
Third-Party & Vendor Risk Management
Perform vendor security assessments.
Review supplier compliance and security controls.
Manage third-party risk remediation activities.
Support procurement and due diligence security reviews.
Security Awareness & Advisory
Deliver cybersecurity awareness and governance workshops.
Provide strategic cybersecurity guidance to clients and stakeholders.
Assist organizations in developing security roadmaps and compliance strategies.
Support virtual CISO (vCISO) engagements when required.
Reporting & Metrics
Prepare executive-level risk and compliance reports.
Develop and track cybersecurity KPIs and KRIs.
Monitor compliance status across multiple frameworks and client environments.
Required Qualifications
Education
Bachelor's degree in Cybersecurity, Information Security, Computer Science, Information Technology, or a related field.
Experience
4–8 years of experience in Cybersecurity Governance, Risk & Compliance.
Experience conducting risk assessments and compliance audits.
Hands-on experience implementing security governance frameworks.
Experience working within consulting, MSSP, SOC, or cybersecurity service environments is preferred.
Technical Knowledge
Information Security Governance
Enterprise Risk Management
Cybersecurity Risk Assessments
Compliance Auditing
Security Policy Development
Third-Party Risk Management
Business Continuity & Disaster Recovery
Security Awareness Programs
Vulnerability and Risk Reporting
Frameworks & Standards
Strong working knowledge of:
ISO 27001 / ISO 27002
NIST CSF
NIST 800-53
CIS Controls
PCI DSS
GDPR
SOC 2
UAE Cybersecurity Regulations
Cloud Security Governance (AWS, Azure, GCP)
Preferred Certifications
One or more of the following certifications are highly desirable:
CISSP
CISM
CRISC
ISO 27001 Lead Implementer
ISO 27001 Lead Auditor
CISA
PCI DSS ISA/QSA (preferred)
CCSK or CCSP
Key Competencies
Excellent analytical and problem-solving skills
Strong stakeholder management abilities
Executive-level communication and presentation skills
Risk-based decision-making mindset
Strong documentation and reporting capabilities
Ability to manage multiple client engagements simultaneously
High attention to detail and compliance requirements
Job Title
Cybersecurity GRC Specialist
Location
Dubai, UAE (Hybrid / Onsite)
Employment Type
Full-Time
About ProofOps
ProofOps is a cybersecurity services company focused on strengthening digital resilience through managed security operations, incident response, vulnerability management, penetration testing, threat intelligence, attack surface management, and cybersecurity consulting services. The company helps organizations establish robust security programs, manage cyber risk, and maintain compliance with industry standards and regulatory requirements.
Role Overview
We are seeking an experienced Cybersecurity Governance, Risk & Compliance (GRC) Specialist to lead and support cybersecurity governance initiatives, risk management programs, compliance assessments, and security framework implementation across client environments.
The ideal candidate will possess strong knowledge of cybersecurity standards, regulatory requirements, risk assessment methodologies, and information security governance practices. This role will work closely with clients, technical teams, and business stakeholders to ensure cybersecurity risks are effectively managed and compliance obligations are met.
Key Responsibilities
Governance & Security Frameworks
Develop, implement, and maintain cybersecurity governance programs.
Establish and manage Information Security Management Systems (ISMS).
Support implementation and maturity assessments for frameworks such as:
ISO 27001
NIST Cybersecurity Framework (CSF)
NIST 800-53
CIS Controls
PCI DSS
GDPR
UAE Information Assurance Standards
NIS2 And Other Regional Regulatory Requirements Where Applicable.
Develop cybersecurity policies, procedures, standards, and guidelines.
Risk Management
Conduct enterprise cybersecurity risk assessments.
Perform risk identification, analysis, treatment, and reporting.
Maintain organizational risk registers and risk treatment plans.
Facilitate business impact assessments and control effectiveness reviews.
Present risk findings and recommendations to management and clients.
Compliance & Audit Management
Conduct compliance gap assessments and readiness reviews.
Support internal and external audits.
Coordinate evidence collection and remediation activities.
Track compliance obligations and regulatory requirements.
Develop compliance dashboards and executive reports.
Third-Party & Vendor Risk Management
Perform vendor security assessments.
Review supplier compliance and security controls.
Manage third-party risk remediation activities.
Support procurement and due diligence security reviews.
Security Awareness & Advisory
Deliver cybersecurity awareness and governance workshops.
Provide strategic cybersecurity guidance to clients and stakeholders.
Assist organizations in developing security roadmaps and compliance strategies.
Support virtual CISO (vCISO) engagements when required.
Reporting & Metrics
Prepare executive-level risk and compliance reports.
Develop and track cybersecurity KPIs and KRIs.
Monitor compliance status across multiple frameworks and client environments.
Required Qualifications
Education
Bachelor's degree in Cybersecurity, Information Security, Computer Science, Information Technology, or a related field.
Experience
4–8 years of experience in Cybersecurity Governance, Risk & Compliance.
Experience conducting risk assessments and compliance audits.
Hands-on experience implementing security governance frameworks.
Experience working within consulting, MSSP, SOC, or cybersecurity service environments is preferred.
Technical Knowledge
Information Security Governance
Enterprise Risk Management
Cybersecurity Risk Assessments
Compliance Auditing
Security Policy Development
Third-Party Risk Management
Business Continuity & Disaster Recovery
Security Awareness Programs
Vulnerability and Risk Reporting
Frameworks & Standards
Strong working knowledge of:
ISO 27001 / ISO 27002
NIST CSF
NIST 800-53
CIS Controls
PCI DSS
GDPR
SOC 2
UAE Cybersecurity Regulations
Cloud Security Governance (AWS, Azure, GCP)
Preferred Certifications
One or more of the following certifications are highly desirable:
CISSP
CISM
CRISC
ISO 27001 Lead Implementer
ISO 27001 Lead Auditor
CISA
PCI DSS ISA/QSA (preferred)
CCSK or CCSP
Key Competencies
Excellent analytical and problem-solving skills
Strong stakeholder management abilities
Executive-level communication and presentation skills
Risk-based decision-making mindset
Strong documentation and reporting capabilities
Ability to manage multiple client engagements simultaneously
High attention to detail and compliance requirements
How to apply
To apply for this job you need to authorize on our website. If you don't have an account yet, please register.
Post a resumeSimilar jobs
Sales & Logistics Coordinator (Food & Beverage Distribution)
The Greater Change,
Dubai
2 hours ago
About the CompanyOur client is a well-established food and beverage distribution company serving hotels, restaurants, cafés, retailers, and hospitality businesses across the UAE. The organization is recognized for its commitment to product quality, customer service excellence, and efficient supply chain operations. With a growing portfolio of premium food and beverage products, the company continues to expand its market presence through...
Consultant Pediatric Orthopaedic Surgeon – Abu Dhabi
Allocation Assist Middle East,
Dubai
3 hours ago
Job SummaryWe are seeking a highly qualified and experienced Consultant Pediatric Orthopaedic Surgeon to join a leading healthcare facility in Abu Dhabi. The successful candidate will provide specialized surgical and non-surgical care for infants, children, and adolescents with musculoskeletal disorders, congenital deformities, trauma, and orthopedic conditions while delivering evidence-based and patient-centered care.The ideal candidate will work collaboratively with multidisciplinary pediatric...
Carpenter
Le Méridien Hotels & Resorts,
Dubai
1 day ago
Additional InformationJob Number 26072137Job Category Engineering & FacilitiesLocation Airport Road, Dubai, United Arab Emirates, United Arab Emirates,VIEW ON MAPSchedule Full TimeLocated Remotely? NPosition Type Non-ManagementPosition SummaryRespond and attend to guest repair requests. Communicate with guests/customers to resolve maintenance issues. Perform preventive maintenance on tools and kitchen and mechanical room equipment, including cleaning and lubrication. Visually inspect tools, equipment, or machines....
