Cyber Security Engineer (GRC)

About Axis

We believe financial services should be more accessible, that’s why we started Axis. A fully interoperable mobile wallet which enables users to send and receive money from any mobile wallet in Egypt, pay their bills, buy anything online with a virtual Visa card, or scan any QR code to pay for anything in-person. Axis empowers small businesses with simplified digital payments to compete & grow. Our digital banking platform enables small businesses to seamlessly manage payments to employees and suppliers. Small businesses can now send salaries, reimbursements and instantly pay their suppliers on any mobile wallet in Egypt.

Overview Of The Role

Axis is seeking a highly motivated and skilled Mid-Level Governance, Risk, and Compliance (GRC) Engineer to join our growing cybersecurity team. The GRC Engineer will play a crucial role in establishing, maintaining, and improving our GRC framework. You will be responsible for ensuring our adherence to relevant regulations, standards, and internal policies, as well as identifying and mitigating potential risks across the organization.

What You'll Be Doing

• Assist in the development, implementation, and maintenance of GRC policies, standards, and procedures.
• Conduct risk assessments to identify, analyze, and evaluate potential risks and vulnerabilities across various business functions and IT systems.
• Support the monitoring of compliance with relevant laws, regulations (e.g., GDPR, PCI, ISO 27001, CIS, SOC2), and contractual obligations.
• Assist in the execution of internal and external audits, including gathering evidence, documenting findings, and tracking remediation efforts.
• Contribute to the development and delivery of GRC awareness and training programs for employees.
• Support the implementation and management of GRC tools and technologies.
• Collaborate with cross-functional teams (e.g., IT, Legal, HR) to ensure alignment of GRC activities with business objectives.
• Assist in the development of risk treatment and mitigation plans and track their implementation.
• Prepare regular reports and dashboards on the status of GRC activities, risks, and compliance efforts for management review.
• Stay up-to-date on the latest GRC trends, regulations, and best practices.
• Participate in the development and execution of business continuity and disaster recovery plans.
• Assist with third-party risk management activities, including vendor assessments.
• Contribute to the development and maintenance of security metrics and KPIs.
  
  

Requirements

• Bachelor's degree in Information Technology, Cybersecurity, or a related field.
• 2 - 3 years of experience in a GRC analyst, GRC engineer, information security analyst, IT auditor, or a related role.
• Solid understanding of GRC principles, frameworks (e.g., PCI, CIS, SOC2, NIST), and relevant regulations and standards.
• Experience in conducting risk assessments and identifying control weaknesses.
• Familiarity with audit processes and methodologies.
• Strong analytical and problem-solving skills with attention to detail.
• Excellent written and verbal communication skills, with the ability to explain technical concepts to both technical and non-technical audiences.
• Ability to work independently and as part of a team.
• Relevant professional certifications such as CISA, CompTIA Security+, or equivalent is preferred.
• Knowledge of data privacy regulations (e.g., GDPR, CCPA).