GRC (Risk Assessment) Specialist
Inbox Business Technologies, Pakistan

• Conduct risk assessments of the organization's information systems and assets to identify and evaluate potential risks and vulnerabilities.
• Develop and implement risk mitigation strategies and controls to reduce identified risks.
• Work with IT and security teams to ensure compliance with applicable information security standards and regulations, such as ISO 27001, NIST, GDPR, etc.
• Monitor and track information security incidents and breaches, and develop response plans to mitigate their impact.
• Collaborate with internal stakeholders to promote information security awareness and best practices throughout the organization.
• Conduct third-party risk assessments to evaluate the information security risks associated with vendors and partners.
• Develop and maintain information security policies, procedures, and guidelines based on industry best practices and applicable regulations.

Requirements

• Bachelor's or Master's degree in Information Security, Computer Science, or a related field.
• At least 3 years of experience in information security risk assessment, with a focus on risk management and mitigation.
• Strong knowledge of information security standards and regulations, such as ISO 27001, NIST, GDPR, etc.
• Experience in developing and implementing risk mitigation strategies and controls.
• Familiarity with security testing tools and techniques, such as vulnerability scanning, penetration testing, etc.
• Excellent communication and interpersonal skills, with the ability to work effectively with internal and external stakeholders.
• Relevant certifications such as ISO 27001, or other related certifications are a plus.
• Candidate must be willing to travel both nationally and internationally
• Hiring location could be either of Karachi / Lahore / Islamabad

Benefits

Call Allowance
Fuel Allowance
Mobile Allowance
Provident Fund
Health Insurance (OPD / IPD)
Life Insurance