Key Duties, Responsibility & Accountabilities
1. Participate in Cybersecurity Governance, Risk and Compliance (GRC) systems and activities, including the development, maintenance, support and improvement of Cybersecurity policies, processes, procedures and other documents.
2. Prepare and provide regular Cybersecurity GRC Reports and Metrics (Weekly, Monthly, Quarterly, Yearly, Ad Hoc, etc.) to the Head Cybersecurity Specialist and CISO.
3. Conduct Cybersecurity Risk Management, including Risk Assessments of the client Information assets and services, and work with the Risk Owners to mitigate the Risks through appropriate Cybersecurity Controls.
4. Develop, maintain and regularly update a Cybersecurity Risk Register and contribute towards Cybersecurity improvements.
5. Perform Compliance Management for the client Policies, Procedures, applicable Regulations (MoE, NCA and HCIS) as well as Standards and Audit recommendations.
6. Provide support to the users of the GRC systems.
7. Interact with Third-Party Suppliers / Vendors / Contractors / Consultants and ensure GRC projects are completed on time, within budget and to the desired quality.
8. Operate a Cybersecurity Awareness Program consisting of Cybersecurity-related training and awareness sessions, Phishing awareness and tests, Cybersecurity announcements, etc.
9. Ensure distribution of knowledge within the GRC team through coaching and training, contributing to the technical robustness of the Cybersecurity GRC team.
10. Ensure an organization’s cybersecurity program complies with applicable requirements, policies and standards.
11. Develop, update and maintain cybersecurity policies to support and align with an organization’s cybersecurity requirements.
12. Initiate new ideas to improve Cybersecurity controls.
13. Participate in major Cybersecurity projects and initiatives.
14. Manage any projects related to access control or cybersecurity activities.
15. Perform any other task of a similar job nature not mentioned here.
16. Perform any other duties assigned by the Head of Cybersecurity GRC or CISO.
17. Ensure the performance, security, and reliability of the client GRC systems and applications.
18. Monitor and report on Governance and Compliance of the client Cybersecurity policies, procedures, applicable regulations and standards as well as Audit reports.
19. Identify and document Cybersecurity related Threats, Vulnerabilities and Risks and work with the relevant Stakeholders to implement appropriate Cybersecurity controls for their mitigation.
20. Develop organizational cybersecurity policies. Govern cybersecurity structures and processes, manage cyber risks and assure compliance with the organization’s cybersecurity, risk management and related legal requirements.
21. Control the execution and implementation of GRC related projects.
22. Guarantee Quality of Work and deliverables.
Minimum Qualifications (degree, training, or certification required)
• Bachelor’s Degree in Cybersecurity, Information Security, Computer Science or equivalent.
• GRC and Cybersecurity related certifications (e.g. Security+, CISSP, CISA, CRISC, CISM, CEH, GIAC, SSCP, etc.) preferred.
Training and other requirements:
• Robust knowledge of Cybersecurity regulations, standards and controls.
• Strong understanding of IT / Cybersecurity Governance, technologies and services.
• Expertise in preparing and analyzing GRC and Cybersecurity reports.
• Experience in IT / Cybersecurity Audit / Compliance / Regulatory discussions.
With over 90 years' combined experience, NES Fircroft (NES) is proud to be the world's leading engineering staffing provider spanning the Oil & Gas, Power & Renewables, Chemicals, Construction & Infrastructure, Life Sciences, Mining and Manufacturing sectors worldwide. With more than 80 offices in 45 countries, we are able to provide our clients with the engineering and technical expertise they need, wherever and whenever it is needed. We offer contractors far more than a traditional recruitment service, supporting with everything from securing visas and work permits, to providing market-leading benefits packages and accommodation, ensuring they are safely and compliantly able to support our clients.