GRC Specialist Etihad Airways

Accountabilities

• Proactively seek opportunities to improve the efficiency / effectiveness of the IT security compliance program.
• Develop, review and revise information security policies and supporting standards aligned with applicable industry best practices and regulations.
• Assist the Implementation of the security governance, risk and compliance program as directed with a focus on industry regulations and standards, data privacy and internal policies and standards compliance.
• Operate the enterprise-owned tools that support governance, risk and compliance activities and support service providers in delivering contractual security requirements.
• Identify and evaluate IT security risk factors and ensure adequate & effective IT security controls exists that mitigate these risks and meet current and future compliance requirements.
• Demonstrate knowledge of IT security regulatory requirements like NESA, ISO 27001, PCI DSS, GDPR, ADHICS, etc.
• Provide assurance that IT security risks are effectively identified and addressed in relation to with deployment of new or enhancements in existing information systems and processes.
• Provide support in coordination activities as required for the IT security component of both internal and external audits.
• Support in the development, review and publishing of content for security awareness theme and conduct security awareness trainings & simulation exercises.
• Support the vulnerability detection & remediation program with a focus on vulnerability prioritization and remediation with creation of timely reports & dashboards.