Specialist - IT Governance, Risk and Compliance

The company is seeking a dedicated and knowledgeable Specialist in IT Governance, Risk, and Compliance (GRC) to support the organization’s efforts in establishing, maintaining, and enhancing IT governance frameworks. The role involves conducting risk assessments, managing compliance activities, and ensuring alignment with internal controls and regulatory standards. This position is critical in safeguarding the organization's technology environment, promoting best practices, and ensuring adherence to industry standards and legal requirements. The successful candidate will contribute to building a secure, resilient, and compliant IT landscape that supports business objectives and regulatory obligations.

Location: Abu Dhabi, Abu Dhabi Emirate, United Arab Emirates
Work Conditions: On-site, Full-time

Key Responsibilities:

• Support the development, implementation, and ongoing maintenance of IT governance frameworks, standards, and controls.
• Conduct IT risk assessments to identify potential threats and document mitigation strategies.
• Maintain and update the IT risk register, providing regular reports on risk status and mitigation progress.
• Assist in drafting, reviewing, and updating policies, procedures, and guidelines related to IT compliance and security.
• Perform compliance evaluations and gap analyses against regulatory, contractual, and internal standards.
• Facilitate internal and external audit activities by preparing documentation, collecting evidence, and tracking remediation actions.
• Conduct periodic control testing, compliance checks, and risk assessments across IT functions.
• Monitor adherence to industry standards such as ISO 27001, NIST Cybersecurity Framework, and COBIT.
• Prepare executive dashboards and detailed reports on compliance, risk, and audit findings.
• Promote awareness and adherence to governance, risk, and compliance practices within IT teams and across the organization.

Qualifications:

• Bachelor’s degree in Information Technology, Computer Science, Business Administration, or related field; Master's preferred.
• Minimum of 5+ years in IT governance, risk management, compliance roles.
• Certifications such as CISA, CISSP, CRISC, ISO 27001 Lead Implementer, or equivalent are preferred.
• Strong analytical and critical thinking skills, effective communication skills, and high attention to detail.
• Ability to interpret frameworks, policies, and regulations and translate them into actionable processes.

Technical Skills Required:

• Microsoft Office Suite (Word, Excel, PowerPoint)
• GRC tools (e.g., RSA Archer, ServiceNow)
• Familiarity with Security information and event management (SIEM) systems, Data Privacy tools, ISO 27001 compliance tools preferred.
• Knowledge of industry standards including ISO 27001, NIST, Cybersecurity best practices.

The company is committed to diversity and inclusion in the workplace and encourages applicants from diverse backgrounds to apply.