Job Description
We are looking for a GRC specialist to join our cybersecurity team. In this role, you’ll help ensure our organization meets internal and external information security standards by managing risk, compliance, and governance processes.
Key Responsibilities:
- Develop, update, and maintain information security policies and procedures.
- Perform risk assessments and control testing.
- Identify and report security gaps or control failures.
- Support teams with remediation actions and track their progress.
- Help implement security frameworks like NIST, COBIT, and CIS.
- Prepare reports and dashboards for leadership.
- Deliver awareness sessions and assist with training programs.
Requirements:
- Bachelor’s degree in IT, Business, or a related field (associate degree is also considered).
- At least 2 years in a GRC role or 3 years in cybersecurity-related work.
- Knowledge of frameworks (CIS, NIST, COBIT).
- Strong attention to detail, analytical mindset, and communication skills.
- Certifications like Security+, CISA, or CISSP are a big plus.
Nice to Have:
- Experience creating metrics and dashboards.
- Background in audits, compliance, or risk remediation.
- Ability to work independently and across teams.
Work Conditions:
- Sunday - Thursday.
- 8:30 - 17:00.
- District 1, Tehran.
