Job Description
Job Purpose:
Support the implementation, monitoring, and continuous improvement of the information security governance, risk management, and compliance program. This role contributes directly to maintaining ISO 27001:2022 certification, supporting surveillance and external audits, driving KPI/KRI reporting, and enabling the maturity and scalability of GRC processes.
Job Responsibilities:
▪ Support the development, implementation, and enhancement of the Information Security Management System (ISMS) in line with ISO 27001:2022
▪ Assist in maintaining GRC policies, procedures, and standards aligned with regulatory and business requirements
▪ Gather and report on security-related KPIs and KRIs to monitor control effectiveness and program health
▪ Participate in risk assessments, maintain the risk register, and support mitigation tracking
▪ Contribute to internal and external audit readiness, including ISO surveillance visits
<...