Senior GRC Specialist I

Responsibilities

Develop and maintain cybersecurity policies, standards, and guidelines, ensuring alignment with industry frameworks and regulatory requirements.

Conduct technical and IT risk assessments, identifying vulnerabilities in the organization’s systems and recommending mitigation strategies.

Monitor and report on cybersecurity risks and compliance issues, ensuring proactive risk management.

Collaborate with IT and business stakeholders to integrate cybersecurity governance with business objectives.

Maintain and manage the risk register, ensuring risks are documented, assessed, and tracked in alignment with the risk management framework.

Perform continuous follow-ups, conduct regular meetings, and escalate unresolved risks to leadership as necessary.

Develop and implement the security awareness program, providing guidance and training to employees on cybersecurity policies and procedures.

Support incident response activities, participating in investigations and post-incident reviews to enhance security measures.

Engage with external auditors and regulatory bodies, ensuring compliance with cybersecurity laws and standards.

Stay current on cybersecurity trends and best practices, proactively integrating new security measures into the organization.

Requirements

Bachelor’s degree in Computer Science, Information Technology, or a related field.

5–8 years of experience in cybersecurity governance, risk management, and compliance (GRC).

Strong knowledge of cybersecurity frameworks and standards such as NIST, ISO 27001, PCI DSS.

Experience implementing and managing GRC tools and software.

Proficiency in conducting risk assessments and developing mitigation strategies.

Preferred Qualifications

Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM) certification.

Familiarity with regulatory compliance standards in cybersecurity across different industries.

Benefits

Rapid learning opportunities.

Hybrid work environment (flexibility to work from home 2 days a week).

Healthcare and other local benefits.

About the Company

Beyond ONE is a digital services provider radically reshaping the personalized digital ecosystems of consumers in high-growth markets around the world. We are building a digital services aggregator platform with a strong telco foundation and a profitable growth strategy. Since being founded in 2021, we have acquired Virgin Mobile MEA, Friendi Mobile MEA, and Virgin Mobile LATAM (with 6.5 million subscribers) and 1600 dedicated colleagues across Chile, Colombia, KSA, Kuwait, Mexico, Oman, Pakistan, and UAE. We are anti-silo, anti-career stagnation, and anti-conventional, looking for individuals with a rebellious spirit, a questioning mind, and a warm heart to disrupt the way we think about our lives for good.