Head Of Information - GRC | EIT
at Al Futtaim Group in
Posted on October 6, 2020
About the Role
The role will play an integral part in managing the security program as a whole, and provide oversight and validation of control effectiveness within Security. Manage and mature the second line of defense risk and internal controls program. Support and align with the CISO for all management reporting.
About the Task
Work cross-functionally and throughout all levels within the organization. Represent Risk and Security Governance to all levels of the organization, including Executive Management.
Identify and report internal control deficiencies and gaps. Validate remediation plans with the risk owner.
Conduct regular reviews to identify adherence to, or gaps in, information security implementation.
Create, maintain and regularly communicate Information Security Policies, Standards and Processes.
Manage the organisation-wide Information Security Awareness training.
Implement and manage the Information GRC tool.
Manage all security related audits (internal, external, regulatory, etc.)
Communicate regular status updates and results to management.
Enhance and develop new methods of governance and assurance.
Track the Risk Acceptance Form (RAF) process for Security-related exceptions to policies.
Develop, monitor, and report on key metrics (KPIs and KRIs) for risk, compliance and operating effectiveness of internal controls.
Create, maintain and regularly communicate the IT Risk Management Framework and Risk Register.