Management Trainee - GRC

• Governance and Policy Development
• Compliance and Regulatory Management
• Risk Management
• Implement and manage controls to safeguard information assets, including data protection, access controls, incident response, and business continuity planning.
• Conduct regular audits and risk assessments to evaluate the effectiveness of the ISMS and identify areas for improvement.
• Collaborate with internal stakeholders, to ensure alignment of GRC and ISMS activities. Engage with external stakeholders, including auditors, regulators, and business partners, to address compliance requirements and maintain positive relationships.
• Training & Awareness

Requirements

• Bachelor's degree in a relevant field such as Information Security, Risk Management, Professional certifications related to GRC and/or information security (e.g., CISA, CRISC, CISSP, ISO 27001 Lead Implementer) are advantageous.
• Strong knowledge of GRC principles, frameworks, and industry best practices. Familiarity with relevant regulatory requirements (e.g., GDPR, HIPAA) and international standards (e.g., ISO 27001, 20000) Experience in conducting risk assessments, developing policies, and implementing controls.
• Excellent communication and interpersonal skills, with the ability to influence and collaborate with stakeholders at various levels.
• Strong analytical and problem-solving skills, with the ability to evaluate complex situations and recommend practical solutions.
• Proficient in using GRC and ISMS tools and technologies.