Cybersecurity Governance, Risk & Compliance (GRC) Specialist
ITHR Technologies Consulting LLC
Date: 2 weeks ago
City: Dubai
Contract type: Full time
Job Description: Cybersecurity Governance, Risk & Compliance (GRC) Specialist
Job Title
Cybersecurity GRC Specialist
Location
Dubai, UAE (Hybrid / Onsite)
Employment Type
Full-Time
About ProofOps
ProofOps is a cybersecurity services company focused on strengthening digital resilience through managed security operations, incident response, vulnerability management, penetration testing, threat intelligence, attack surface management, and cybersecurity consulting services. The company helps organizations establish robust security programs, manage cyber risk, and maintain compliance with industry standards and regulatory requirements.
Role Overview
We are seeking an experienced Cybersecurity Governance, Risk & Compliance (GRC) Specialist to lead and support cybersecurity governance initiatives, risk management programs, compliance assessments, and security framework implementation across client environments.
The ideal candidate will possess strong knowledge of cybersecurity standards, regulatory requirements, risk assessment methodologies, and information security governance practices. This role will work closely with clients, technical teams, and business stakeholders to ensure cybersecurity risks are effectively managed and compliance obligations are met.
Key Responsibilities
Governance & Security Frameworks
Develop, implement, and maintain cybersecurity governance programs.
Establish and manage Information Security Management Systems (ISMS).
Support implementation and maturity assessments for frameworks such as:
ISO 27001
NIST Cybersecurity Framework (CSF)
NIST 800-53
CIS Controls
PCI DSS
GDPR
UAE Information Assurance Standards
NIS2 and other regional regulatory requirements where applicable.
Develop cybersecurity policies, procedures, standards, and guidelines.
Risk Management
Conduct enterprise cybersecurity risk assessments.
Perform risk identification, analysis, treatment, and reporting.
Maintain organizational risk registers and risk treatment plans.
Facilitate business impact assessments and control effectiveness reviews.
Present risk findings and recommendations to management and clients.
Compliance & Audit Management
Conduct compliance gap assessments and readiness reviews.
Support internal and external audits.
Coordinate evidence collection and remediation activities.
Track compliance obligations and regulatory requirements.
Develop compliance dashboards and executive reports.
Third-Party & Vendor Risk Management
Perform vendor security assessments.
Review supplier compliance and security controls.
Manage third-party risk remediation activities.
Support procurement and due diligence security reviews.
Security Awareness & Advisory
Deliver cybersecurity awareness and governance workshops.
Provide strategic cybersecurity guidance to clients and stakeholders.
Assist organizations in developing security roadmaps and compliance strategies.
Support virtual CISO (vCISO) engagements when required.
Reporting & Metrics
Prepare executive-level risk and compliance reports.
Develop and track cybersecurity KPIs and KRIs.
Monitor compliance status across multiple frameworks and client environments.
Required Qualifications
Education
Bachelor's degree in Cybersecurity, Information Security, Computer Science, Information Technology, or a related field.
Experience
4–8 years of experience in Cybersecurity Governance, Risk & Compliance.
Experience conducting risk assessments and compliance audits.
Hands-on experience implementing security governance frameworks.
Experience working within consulting, MSSP, SOC, or cybersecurity service environments is preferred.
Technical Knowledge
Information Security Governance
Enterprise Risk Management
Cybersecurity Risk Assessments
Compliance Auditing
Security Policy Development
Third-Party Risk Management
Business Continuity & Disaster Recovery
Security Awareness Programs
Vulnerability and Risk Reporting
Frameworks & Standards
Strong working knowledge of:
ISO 27001 / ISO 27002
NIST CSF
NIST 800-53
CIS Controls
PCI DSS
GDPR
SOC 2
UAE Cybersecurity Regulations
Cloud Security Governance (AWS, Azure, GCP)
Preferred Certifications
One or more of the following certifications are highly desirable:
CISSP
CISM
CRISC
ISO 27001 Lead Implementer
ISO 27001 Lead Auditor
CISA
PCI DSS ISA/QSA (preferred)
CCSK or CCSP
Key Competencies
Excellent analytical and problem-solving skills
Strong stakeholder management abilities
Executive-level communication and presentation skills
Risk-based decision-making mindset
Strong documentation and reporting capabilities
Ability to manage multiple client engagements simultaneously
High attention to detail and compliance requirements