GRC Specialist

Responsibilities: 

• Develop, implement, and maintain documentation for Information Security Management Systems (ISMS) and Business Continuity Management Systems (BCMS). 
• Conduct and support Business Impact Analysis (BIA) for the organization's key processes. 
• Perform risk assessments for processes, assets, and projects. 
• Develop, maintain, and periodically test Business Continuity Plans (BCP) and Disaster Recovery Plans (DRP). 
• Participate in the implementation of compliance requirements aligned with ISO 27001, ISO 22301, and other relevant standards. 
• Prepare documentation for internal and external audits and actively participate in audit activities. 
• Deliver employee training sessions related to Information Security and Business Continuity policies. 

Requirements: 

• 4+ years of experience in information security or business continuity domains. 
• Practical experience in developing, implementing, and maintaining ISMS and BCMS policies, procedures, and standards. 
• Strong knowledge of ISO 27001, ISO 22301, and other related frameworks. 
• Valid certifications such as ISO 27001 Lead Implementer/Auditor and ISO 22301 Implementer/Auditor. 
• Hands-on experience with audit participation and certification projects.