Cyber Security GRC Lead
Indexed description
in Nawy. This role ensures that security risks are identified, assessed, and managed while
maintaining compliance with relevant regulatory and industry standards.
The GRC lead leads the risk governance initiatives, oversees audits, develops policies,
manages security awareness, and partners closely with engineering, product, and legal teams
to ensure secure-by-design operations across the entire organization.
Responsibilities
- Maintain an enterprise-wide information security governance & ISMS framework that
- Develop, maintain, and enforce security policies, standards, and procedures
- Lead strategic planning initiatives for security risk management, ensuring alignment
- Design, implement, and manage a security risk management framework that includes
- Oversee and continuously improve the processes for vendor security risk assessments,
- Develop and monitor key risk indicators (KRIs) and performance metrics to evaluate the
- Oversee the development, implementation, and ongoing management of the
- Prepare and lead the organization's readiness for external and internal security audits,
- Build and run security awareness and phishing simulation programs and promote an
- Ensure ongoing compliance with local regulatory frameworks, including those issued by
Requirements
- At least 4 years of experience in GRC, information security risk management or security
- Certifications: Relevant certifications such as CISSP, CISM, CRISC, or CISA are
- Demonstrated experience with ISO 27001 implementation, security audits, and vendor
- Solid understanding of cloud architectures and security controls across AWS and
- Familiarity with regulatory requirements in Egypt and international data protection
- University/college degree in a relevant professional field
- Excellent communication skills in English, both written and spoken
Create a free Caio profile to unlock more results and save your role and location preferences.
Unlock free search