SOC Governance & GRC Specialist

Bvm Outsourcing Services

We are seeking a seasoned SOC Governance & GRC Specialist to design, implement, and strengthen Security Operations Center (SOC) governance frameworks. The role requires deep expertise in cybersecurity governance, risk, compliance (GRC), SOC audits, and consulting, ensuring alignment with international standards and regulatory requirements.

Key Responsibilities

• Define and implement SOC governance policies, procedures, and operational standards aligned with industry best practices (ISO 27001, NIST, CIS, etc.).
• Develop and maintain governance frameworks, including roles, responsibilities, escalation matrices, and reporting structures.
• Ensure seamless integration of governance controls with SIEM, SOAR, and UEBA platforms.
• Conduct SOC maturity assessments, audits, and gap analysis to evaluate operational effectiveness and compliance posture.
• Lead risk assessments and compliance reviews across SOC operations.
• Provide consulting and advisory support to internal and client stakeholders on SOC governance and GRC frameworks.
• Deliver training sessions and knowledge transfer programs for client teams on governance processes and controls.
• Prepare and present governance reports, dashboards, and audit findings to leadership.
• Collaborate with cross-functional teams to ensure continuous improvement of SOC processes.
• Ensure adherence to regulatory and contractual compliance requirements.

Required Skills & Competencies

• Strong expertise in GRC (Governance, Risk & Compliance) frameworks.
• Hands-on experience with SOC audits, assessments, and consulting engagements.
• Knowledge of SIEM, SOAR, and UEBA technologies.
• Familiarity with standards such as:
• ISO 27001 / 27002
• NIST CSF / NIST 800-53
• CIS Controls
• Strong understanding of risk management, control design, and compliance frameworks.
• Excellent stakeholder management and communication skills.
• Ability to create policies, SOPs, and governance documentation from scratch.