Grc Engineer

Founded in 2018, MaxAB is a rapidly growing food and grocery B2B e-commerce and distribution platform that serves a network of traditional retailers (mom-and-pop stores) across the MENA region. Using proprietary technology, MaxAB offers a transformative pull-driven supply chain and a tech-product that empowers both traditional retailers and suppliers. MaxAB offers traditional retailers the simplicity of dealing with one supplier, transparent pricing, on-demand delivery, and a range of value-added and embedded finance solutions. Suppliers benefit from MaxAB's end-to-end supply chain solutions and business intelligence tools that allow them to accurately predict, monitor, and control the impact of their strategies in real time.

Our MaxAB talent are dedicated to uphold the MaxAB culture and values all while continuing to grow and improve services for our clients. They are innovating new ways to help improve the quality of life of the Egyptian retailer and soon to other retailers globally.

If you are passionate about working hard to make an impact and innovate new solutions, MaxAB is looking for top talent

**Responsibilities**:

- Delivery of Security GRC management and processes that gel with Security Strategy.
- Creation, implementation, and monitoring of information security policies, processes, exceptions, and change management requests assessment to automate and continuously monitor information security controls, risks, testing, and incidents.
- Develop and maintain a risk register and risk management framework.
- Performing end-to-end IT solution/workflow risk assessment to identify potential risks and propose mitigation solutions.
- Ensuring that requirements in IT Audit, Standard, Policy, Compliance, and Risk controls are met.
- Updates security controls and provides support to all stakeholders on security controls covering internal assessments, laws, and regulations.
- Performs other related duties as assigned.
- Monitor applicable cybersecurity regulations for changes and incorporate new requirements into existing policies and procedures.

**Minimum Qualifications**:

- Bachelor's degree in Computer and Information Science, Engineering, or a related field.
- Must Have solid work experience in a GRC, or Information Security role.
- Experience in the implementation of security policies and procedures.
- Experience in executing cyber security audits and assessments
- Strong knowledge of common cyber security frameworks such as PCI DSS, ISO 27001, and NIST CSF.
- Knowledge of Information Security Risk management processes & assessment (ISO27005).
- Familiarity with Third-Party Risk Management and external and Internal Audits.
- Strong demonstrated knowledge of Business Continuity Plan and Disaster Recovery Plan.
- Prior hands-on technical working experience in least 2 of the domains: ISO27K, Cloud Services, NIST, PCI DSS, BCP/DR/Crisis Management