Job Summary:
The Senior Cybersecurity Specialist – GRC* is responsible for supporting the implementation of cybersecurity governance, risk, and compliance frameworks. The role involves conducting risk assessments, maintaining policies, ensuring regulatory compliance, and enhancing awareness across IT, IS, and OT environments.
Key Responsibilities:
- Assist in developing cybersecurity policies, procedures, and standards
- Perform risk assessments, audits, and compliance reviews
- Manage third-party cybersecurity risk assessments
- Maintain and update the cybersecurity risk register
- Conduct cybersecurity awareness training and phishing simulations
- Monitor threat intelligence and emerging cyber risks
- Support implementation of data security and privacy controls
- Participate in incident response and reporting activities
- Prepare KPI reports and support performance monitoring
- Mentor junior cybersecurity team members
Requirements:
Education:
- Bachelor’s degree in Cybersecurity, Computer Science, Information Security, or related field
Experience:
- Minimum 5 years of experience in Cybersecurity GRC / IT GRC / Information Security
- Hands-on experience in risk management, compliance, and policy development
Preferred Certifications:
- CISA, CISM, CRISC
- CISSP, Security+, SSCP
- CEH, GIAC
- ISO 27001 Lead Implementer / Auditor
- NIST, ITIL
