GRC Analyst (Information Security)
ECCO Gulf WLLQatar9 hours ago
Full-timeInformation Technology
Track This Job
Add this job to your tracking list to:
- Monitor application status and updates
- Change status (Applied, Interview, Offer, etc.)
- Add personal notes and comments
- Set reminders for follow-ups
- Track your entire application journey
Save This Job
Add this job to your saved collection to:
- Access easily from your saved jobs dashboard
- Review job details later without searching again
- Compare with other saved opportunities
- Keep a collection of interesting positions
- Receive notifications about saved jobs before they expire
AI-Powered Job Summary
Get a concise overview of key job requirements, responsibilities, and qualifications in seconds.
Pro Tip: Use this feature to quickly decide if a job matches your skills before reading the full description.
Job Description
Job Specific Skills:
Bachelors in computer science, Information Security, IT and equivalent hands‑on experience.
Certification: CompTIA Security+, ISO 27001 Internal Auditor/Lead Implementer, CCSK, CISA, CISM, CISSP
Clear written and verbal communication
Minimum Experience
4+ Years can lead an audit cycle end-to-end, mature control sets, and coach other.
Job Specific Skills:
- Control frameServices mapping (ISO 27001, QCSF, NIA ) to business processes.
- Control design & effectiveness testing (walkthroughs, sampling, test scripts).
- Audit lifecycle execution (readiness, field Services coordination, closure with auditors).
- Evidence management & traceability (artifact collection, versioning, chain of custody).
- Risk assessment & treatment (registers, scoring models, risk acceptance/mitigation plans).
- Policy/standard/procedure development and periodic review for auditability.
- Third-party/vendor risk management
- Cloud security compliance (AWS/Azure/GCP: IAM, logging, baseline configurations).
- Regulatory alignment (NIA, Qatar Privacy Law, Qatar Cyber Crime Law, GDPR/CCPA, PCI DSS, ) and applicability analysis.
- Metrics & reporting (KPIs/KRIs, dashboards, executive summaries).
- Issue management & remediation tracking.
- GRC platform proficiency.
Bachelors in computer science, Information Security, IT and equivalent hands‑on experience.
Certification: CompTIA Security+, ISO 27001 Internal Auditor/Lead Implementer, CCSK, CISA, CISM, CISSP
Clear written and verbal communication
Minimum Experience
4+ Years can lead an audit cycle end-to-end, mature control sets, and coach other.
Key Skills
Ranked by relevanceReady to apply?
Join ECCO Gulf WLL and take your career to the next level!
Application takes less than 5 minutes