We are seeking a proactive and detail-oriented
Middle IT GRC (Governance, Risk, and Compliance) Specialist
to support and enhance our IT governance framework, risk management processes, and compliance initiatives. The ideal candidate will have hands-on experience in implementing and maintaining IT GRC practices, coordinating audits, and ensuring compliance with industry standards such as
ITIL, COBIT, and ISO 27001
.
Job Description
- Support the implementation and continuous improvement of the IT governance framework.
- Assist in developing, reviewing, and updating IT policies, standards, and procedures.
- Align IT processes with industry best practices, including ITIL, COBIT, and ISO 27001.
- Participate in IT process maturity assessments and improvement initiatives.
- Conduct IT risk assessments across systems, processes, and projects.
- Document, track, and monitor risk treatment plans and mitigation activities.
- Maintain the IT risk register and ensure risks are regularly reviewed and updated.
- Support the development and enhancement of risk methodologies and practices.
Requirements
- Minimum education: Bachelor's degree in IT with a minimum GPA of 3.00
- Minimum of 2 year of experience in a similar field
- Preferably has experience in implementing IT Governance / IT Risk Management / IT Compliance (ITIL, COBIT), ISO 27001, and IT Audit
- Able to perform data analysis and prepare reports
- Proficient in operating MS Office, especially MS Excel, Visio, and capable of preparing good presentations using PowerPoint
- Able to communicate in English
- Possesses good communication skills, is proactive, and shows initiative