Information Security GRC Lead

6 months ago


Egypt, AXA Egypt, Full time

Implements security controls, a risk assessment framework, and a program that align with regulatory requirements, ensuring documented and sustainable compliance that aligns with AXA Group Security Standards.
- Manage the cyber and information security risk management lifecycle, including gaining assurance of all existing and relevant cyber and information security policies and standards.
- Evaluates risks and develops security standards, procedures, and controls to manage risks. Improves security positioning through process improvement, policy, automation, and the continuous enhancement of capabilities.
- Regularly produce full gap analysis reports on areas of improvement and risk, recommending thorough mitigation plans including justification for options considered.
- Implements processes (governance, risk and compliance) to automate and continuously monitor information security controls, exceptions, risks, and testing. Develops reporting metrics, dashboards, and evidence artifacts.
- Defines and documents business process responsibilities and ownership of the controls in GRC. Schedules regular assessments and testing of effectiveness and efficiency of controls and creates GRC reports.
- Experience in implementing an ISMS, performing internal reviews, and drafting and enforcing policies in accordance with AXA Group Security, ISO 27001, and PCI-DSS.
- Work with the Third Party Risk Management (TPRM) lead to share good practice and ensure alignment for all cyber risks facing AXA both internal and external.
- Perform Third-Party Risk Assessments (when applicable).
- Contribute to and check the contractual cybersecurity clauses. Liaise with the Legal department whenever needed. Report the risks of clause non-execution to the project manager or to management.
- Work with IT and business teams in planning, process mapping, documentation and testing of cyber-focused elements of risk.
- Drive AXA's cyber and information security culture, acting in an ambassadorial role across the business, able to communicate to all levels of staff.
- Demonstrate an aptitude for reporting & communicating complex information security risk concepts to technical and non-technical audiences.
- Be able to independently produce comprehensive write-ups of current risks and threats as they develop, producing expedient updates as situations change and span different threat vectors.
- Proactively monitor and inform senior stakeholders on emerging cyber risks and threats, providing a view through a business lens on potential impacts.
- Own the creation and presentation of cyber and information security performance against governance frameworks and risk appetite.
- Develop and maintain AXA's Security Risk Process, including: assessing the potential business impact that could result from a security breach, and the resultant value of the security of information; identifying security weaknesses and vulnerabilities; modelling security threat scenarios; assessing the likelihood of such threat scenarios; assessing the overall risk level; and identifying and recommending appropriate controls to manage the risk.
- Updates security controls and provides support to all stakeholders on security controls covering internal assessments, regulations, Secondary assurance, and the Minimum Technical Security Baseline.
- Performs and investigates internal and external information security risk and exceptions assessments. Assesses incidents, vulnerability management, scans, patching status, secure baselines, penetration test results, phishing, and social engineering tests and attacks.
- Documents and reports control failures and gaps to stakeholders. Provides remediation guidance and prepares management reports to track remediation activities.
- Assists other staff in the management and oversight of security program functions.
- Trains, guides, and acts as a resource on security assessment functions to other departments.
- Remains current on best practices and technological advancements and acts as Information Security for security assessment and regulatory compliance.
- Formulates detailed reports of internal reviews and periodic assessments.
- Conducts organization-wide information security awareness training.
- Coordinates with Infrastructure and business systems teams to implement identified controls, policies, and procedures.

**Skills**:
**Experience, Knowledge and Skills**:
**Education & certification**

Education
- Bachelor's degree in Computer Science, Engineering, or related field.
- An MSc in Information Security would be desirable but is not essential.

Certification
- Certified Information Systems Security Professional (CISSP) preferred
- ISO 27001 Lead Implementer or ISO 27001 Lead Auditor certification strongly preferred
- CRISC preferred
- CISA preferred

**Skills / Abilities**
- Experience and strong knowledge in Cybersecurity
- Knowledge of risk assessment models
- Knowledge of auditing and reporting procedures
- Ability to implement risk monitoring and testing procedures


