Security GRC Consultant

• Develop, implement, and maintain information security governance, risk, and compliance (GRC) frameworks
• Conduct enterprise risk assessments, threat modeling, and control gap analyses
• Define and monitor security policies, standards, procedures, and guidelines
• Ensure compliance with regulatory and industry frameworks such as ISO 27001, NIST, PCI DSS, and local regulations
• Support certification, audit preparation, and regulatory assessments
• Map business and technical controls to compliance and governance requirements
• Identify, assess, and track information security risks and remediation plans
• Advise stakeholders on risk treatment options and security best practices
• Coordinate internal and external audits and manage audit findings closure
• Develop risk registers, compliance reports, and executive dashboards
• Support third-party and vendor risk management assessments
• Collaborate with IT, security, legal, and business teams to embed security governance
• Provide awareness and guidance on security policies and compliance obligations
• Monitor regulatory changes and assess their impact on the organization
• Support continuous improvement of the organization’s security posture

Job Type: Full-time

Pay: QAR15,000.00 - QAR20,000.00 per month

Education:

• Bachelor's (Required)

Experience:

• cloud security (AWS, Azure, GCP): 1 year (Required)
• CISSP, CISM, ISO 27001 LI/LA, CCSK/CCSP, CRISC: 1 year (Required)