{bc}
linkedin

Senior Governance, Risk and Compliance Analyst

Imbono
Dubai, UAE
Full Time
Senior
2 weeks ago
ISO/IEC 27001NIST CSFRisk ManagementCompliance MonitoringAudit CoordinationThird Party Risk Management
Free

Job Fit Check

Base Career helps you apply smarter for this job.

?%
Ready to Scan

Key skills for this role

ISO/IEC 27001NIST CSFRisk Management
Smart Apply

Full Job Posting

Role Summary

  • Senior GRC Analyst responsible for ISMS operation and improvement
  • Reports to Head of Information Security
  • Covers Dubai (HQ), Angola, and other geographies

Responsibilities

  • Maintain, update, and continuously improve the ISMS in accordance with ISO/IEC 27001:2022 and NIST CSF 2.0
  • Own and maintain the information security risk register; facilitate risk identification and assessment workshops
  • Monitor compliance with regulatory regimes and internal security policies; identify and track remediation actions
  • Coordinate internal and external ISMS audits; manage findings and corrective action plans
  • Conduct third party security assessments for vendors and maintain vendor risk register
  • Support data protection activities including ROPA maintenance and DSARs
  • Provide GRC support to M365 tenant to tenant migration programme
  • Support development and delivery of security awareness training and phishing simulations
  • Prepare regular GRC dashboards and management reports

Experience

  • 5 7 years of experience in information security governance, risk, and compliance roles
  • Hands on experience implementing and maintaining an ISO/IEC 27001 ISMS
  • Experience with NIST CSF as a risk management framework
  • Experience with regulatory compliance (UAE PDPL, Angola Lei 22/11, GDPR)
  • Experience with Microsoft 365 compliance tooling preferred
  • Experience conducting third party security risk assessments
  • Experience in financial services, trading, or professional services advantageous

Qualifications

  • Bachelor's degree in Information Security, Computer Science or related discipline
  • ISO 27001:2022 Lead Implementer certification required
  • ISO 27001:2022 Lead Auditor certification required
  • CISM, CISA, or CISSP preferred

Skills

  • Deep working knowledge of ISO/IEC 27001:2022 requirements and controls
  • Practical knowledge of NIST CSF 2.0
  • Strong risk assessment methodology skills
  • Familiarity with Microsoft Purview Compliance Manager
  • Strong written communication and audit ready documentation
  • Proficient in SharePoint based document management
  • Analytical mindset for translating regulatory requirements into operational programmes
  • Proficiency in English required; Portuguese is a significant advantage

Competencies

  • Analytical Thinking
  • Attention to Detail
  • Stakeholder Management
  • Communication
  • Ownership
  • Resilience

Apply for this job in 1 click

Skip the repetitive application forms

Install the Base Career Chrome Extension and autofill job applications across major job boards with your profile.

Sarah M.James T.Maya R.

Trusted by over 500,000 job seekers on Base Career

Start Free Today

More from this employer

More jobs at Imbono