Startup Jobs
Post a Job
Agility

Senior Information Security Analyst - Compliance & GRC

Al-Dajeej , Kuwait
full-time

AI overview

Lead the design and improvement of security frameworks while ensuring compliance with international standards, focusing on organization-wide audit readiness and risk management.

Role Summary:

We are seeking a highly experienced and results-driven Senior Information Security Analyst to serve as our entral Governance, Risk, and Compliance (GRC) resource. This is a pivotal role responsible for the overall design, maintenance, and enhancement of the organization's security and resilience frameworks. The core purpose of this position is to ensure continuous compliance with all relevant international and local standards, with a specific focus on leading our audit readiness and certification efforts.

Your Responsibilities:

 Compliance and GRC Management

  •  Establish, maintain, and enhance the organization's Information Security Management System (ISMS) and Business Continuity & Supply Chain Management (BCSM) frameworks
  • Ensure the organization's compliance with all relevant local, regional, and international regulations and standards, ISO 27001, ISO 22301)
  • Act as the primary auditee and point of contact for all internal and external information security audits
  • Proactively identify, assess, and manage information security and business continuity risks to protect the organization's information assets
  • Drive a culture of security and resilience across the organization

 Security Controls & Technical Oversight

  •  Conduct security assessments and audits of various IT platforms, including cloud infrastructure , on-premise servers (Windows, Linux), databases, and network devices.
  • Utilize or interpret reports from vulnerability scanners and penetration testing tools to identify and prioritize security weaknesses
  • Evaluate and enforce robust Identity and Access Management (IAM) controls, including role-based access control (RBAC) and multi-factor authentication (MFA)
  • Review and ensure the security of cloud deployments (IaaS, PaaS, SaaS), including security groups, IAM policies, and logging
  • Apply strong knowledge of secure configuration baselines and hardening standards (CIS Benchmarks) for operating systems, web servers, and network equipment

Requirements

Your Qualifications:

  • Education: Candidate must possess at least a Bachelor of Science or Bachelor of Computer Application
  • Experience: A minimum of 5 - 10 years of experience in a similar environment
  • Domain: Experience in Government Sector or Private Sector with Enterprise data Center Security Compliance
  • Certifications: Essential certifications include ISO 27001, ISO 22301, CISSP, and CISA
  • Language: Must be fluent in English, with Arabic as an added advantage.

Your Competencies:

Technical:

  • Security Frameworks & Standards: Profound knowledge of ISO 27001, NIST, and CIS
  • Security Controls: A solid understanding of network security (Firewalls, IDS/IPS), Endpoint Security (EDR), IAM principles, and Cryptography
  • Tools: Practical experience with Vulnerability and Risk Assessment Tools and familiarity with SIEM platforms
  • Software Proficiency: Experience with GRC Platforms and documentation tools (Microsoft Office Suite, SharePoint, Jira, Confluence)

 Behavioral:

  • Teamwork and Collaboration
  • Quality and Results focused
  • Learning Agility
  • Business Acumen
  • Decision Making
  • Digital Savvy
  • Agility and Adaptability
  • Negotiation and influence
  • Planning and Organizing
Agility

We operate and invest in companies that transform supply chains in the Middle East, Africa, Asia and around the world. There are 16,000 of us in more than 40 countries. We believe in innovation. In a fairer, more inclusive economy. In using our talents to make the world cleaner and safer. Come join us.

Website LinkedIn
View all jobs
Get hired quicker

Be the first to apply. Receive an email whenever similar jobs are posted.

Ace your job interview

Understand the required skills and qualifications, anticipate the questions you may be asked, and study well-prepared answers using our sample responses.

Information Security Analyst Q&A's
Report this job
Apply for this job