Expleo

IT Business Analyst - Governance, Risk and Compliance (ISO 27001)

Job Locations
AE-DU-Dubai
Job area
Quality & Testing
Employment type
Permanent or Fixed Term Contract
Workplace
On-Site
ID
2025-44678

Overview

IT Business Analyst - Governance, Risk and Compliance (ISO 27001)

Responsibilities

  • Supporting the implementation and maintenance of GRC frameworks (like ISO 27001, SOC 2, NIST, etc.) within the organization. 

    • Compliance Monitoring:

    Tracking and monitoring compliance with relevant laws, regulations, and industry standards. 

    • Risk Assessment and Mitigation:

    Identifying, assessing, and mitigating IT-related risks, working with stakeholders to develop and implement risk mitigation strategies. 

    • Policy and Procedure Development:

    Contributing to the development and maintenance of information security policies, procedures, and related documentation. 

    • Data Analysis and Reporting:

    Analyzing data related to GRC activities, creating reports, and providing insights to support decision-making. 

    • Stakeholder Collaboration:

    Collaborating with IT, legal, and other business units to integrate GRC requirements into business processes. 

    • Training and Awareness:

    Contributing to the development and delivery of training programs to enhance awareness of GRC principles and practices. 

    • Process Improvement:

    Identifying opportunities to improve the efficiency and effectiveness of GRC processes. 

     

Qualifications

UG or PG

Essential skills

  • Strong analytical and problem-solving skills: Ability to analyze complex data, identify issues, and develop solutions. 
  • Excellent communication and interpersonal skills: Ability to communicate effectively with both technical and non-technical stakeholders. 
  • Knowledge of GRC frameworks and regulations: Understanding of relevant standards like ISO 27001, NIST, GDPR, etc. 
  • Experience with GRC tools: Familiarity with GRC software and platforms. 
  • Business acumen: Understanding of business processes and how they relate to GRC. 
  • Project management skills: Ability to manage projects related to GRC initiatives. 
  • Data analysis and reporting skills: Ability to analyze data, create reports, and present findings. 
  • Technical background: While not always required, a basic understanding of IT systems and infrastructure is often helpful. 

 

Desired skills

-- Past project experience in UAE/Middle East projects

Experience

11+ years

Options

Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share to social media

Can't find the job of your choice?
Upload your C.V. / Resume here for our recruiters to view.