Infosec Consultant

We are seeking a highly skilled and motivated Infosec Consultant who is fluent in Arabic to join our team. The ideal candidate will have extensive experience in Governance, Risk, and Compliance (GRC), Information Security Management Systems (ISMS), risk assessments, and audits. As an Infosec Consultant, you will be responsible for ensuring that our organization's information security policies and practices comply with relevant regulations and standards, while also addressing any potential risks and vulnerabilities.

Key Responsibilities:

1. Governance, Risk, and Compliance (GRC):
   1. Develop, implement, and maintain information security policies, procedures, and controls in line with GRC requirements.
   2. Advise on compliance with relevant regulations, standards, and frameworks (e.g., ISO 27001, NIST, GDPR).
   3. Monitor and report on the effectiveness of GRC programs and make recommendations for improvements.
2. Information Security Management Systems (ISMS):
   1. Oversee the development and maintenance of ISMS policies and procedures.
   2. Conduct regular reviews and updates to ensure alignment with best practices and regulatory changes.
   3. Facilitate the certification and recertification processes for ISO 27001 and other relevant standards.
   4. Perform comprehensive risk assessments to identify and evaluate potential security threats and vulnerabilities.
   5. Develop and implement risk mitigation strategies and plans.
   6. Collaborate with various departments to address identified risks and ensure effective risk management.
3. Audits:
   1. Plan, conduct, and oversee internal and external security audits to assess compliance with policies, standards, and regulations.
   2. Prepare and present audit findings, reports, and recommendations to stakeholders.
   3. Ensure corrective actions are implemented and monitor their effectiveness.
   4. Provide consultancy and support in Arabic for stakeholders, including documentation and communication.
   5. Assist in translating and localizing security policies and procedures as needed.

Qualifications:

• Bachelor's degree in Information Security, Computer Science, or a related field. Advanced certifications (e.g., CISSP, CISM, CISA) are highly desirable.
• Proven experience in information security consulting, with a strong understanding of GRC, ISMS, risk assessments, and audits.
• Fluency in Arabic (both written and spoken) and English is required.
• Strong analytical and problem-solving skills with the ability to address complex security issues.
• Excellent communication and interpersonal skills, with the ability to work effectively with diverse teams and stakeholders.