Information Security GRC Specialist (Risk Management)

iSec is Hiring: Information Security GRC Specialist (Risk Management)

Location: Cairo - Egypt
Experience: 2-4 Years

About the Role:

We're looking for a proactive Risk Management Specialist to join our GRC team at iSec. You'll be responsible for assessing, tracking, and mitigating cybersecurity risks across complex enterprise environments, helping clients make smarter, risk-informed decisions.

Job Responsibilities:

  • Conduct comprehensive cybersecurity risk assessments for systems, applications, and third-party vendors.
  • Conduct architecture reviews for systems and applications.
  • Develop and maintain enterprise risk registers with prioritized treatment plans.
  • Quantify risk exposure using industry-standard methodologies (FAIR, ISO 27005).
  • Design and maintain executive risk dashboards with key risk indicators (KRIs).
  • Collaborate with cross-functional teams to assess risk impact on business objectives.
  • Implement third-party risk management processes and vendor assessments.
  • Monitor emerging threats and vulnerabilities to update risk models.
  • Prepare regulatory compliance reports for management and auditors.

Qualification & Skills:

  • 2-4 years of hands-on experience in information security risk management.
  • Proven experience in conducting architecture reviews.
  • Proven expertise with risk frameworks (ISO 27005, NIST RMF, FAIR).
  • Strong analytical skills with ability to translate technical risks to business impact.
  • Experience developing risk registers and treatment plans.
  • Excellent written and verbal communication skills.
  • Professional certifications (CRISC, CISSP, ISO 27005 LI).
  • Experience with GRC platforms (ServiceNow, RSA Archer, MetricStream).
  • Knowledge of risk quantification methods.