Governance, Risk, and Compliance (GRC) Specialist
Job Fit Check
Base Career helps you apply smarter for this job.
Key skills for this role
About the Role
QatarEnergy LNG seeks a GRC Specialist to manage information security audits, compliance programs, and risk management. The role requires 5-8 years of experience in cybersecurity governance, ISO 27001, and PCI-DSS.
Key Skills for This Role
Responsibilities
- Develop and maintain IT security audit and compliance programs
- Plan, coordinate, and execute information security audit activities
- Conduct security compliance audits for systems, networks, and applications
- Monitor cybersecurity maturity and compliance posture
- Identify security risks, vulnerabilities, and compliance gaps
- Prepare audit reports and compliance status updates for management
- Liaise with internal and external audit teams
Requirements
- Bachelor's degree in IT, Computer Science, Cybersecurity, or related field
- 5 8 years of experience in Information Security Governance, Risk Management, Compliance, or Audit
- Hands on experience with ISO 27001 ISMS implementation
- Experience with Qatar NIA framework
- Experience with PCI DSS compliance and certification
- Knowledge of data privacy and protection requirements
- Experience conducting information security risk assessments
- Experience with ICOFR reviews and audits
- Experience with GRC platforms is an advantage
- Preferred certifications: CISA, CISSP, CISM, CGEIT, ISO 27001 Lead Auditor
Full Job Posting
Job Overview
- The IT Security Audit & Compliance Specialist manages information security audits, compliance programs, cybersecurity governance, and risk management.
- The role ensures compliance with security standards, regulatory requirements, data protection policies, and internal governance frameworks.
Key Responsibilities
- Develop and maintain comprehensive IT security audit and compliance programs.
- Plan, coordinate, and execute information security audit activities.
- Define audit scope, objectives, methodologies, and work plans.
- Develop and implement audit test plans for systems, applications, infrastructure, and cloud environments.
- Conduct security compliance audits for critical systems, networks, and applications.
- Maintain audit schedules, documentation, evidence collection, and reporting processes.
- Ensure timely closure of audit findings, non compliance issues, and remediation activities.
- Ensure compliance with organizational policies, regulatory requirements, contractual obligations, and security standards.
- Monitor cybersecurity maturity and compliance posture across operational and technical environments.
- Build and maintain controls matrices aligned with multiple security and compliance frameworks.
- Identify security risks, vulnerabilities, and compliance gaps, and recommend corrective actions.
- Conduct vulnerability and compliance assessments and coordinate remediation activities.
Qualifications & Experience
- Bachelor's degree in Information Technology, Computer Science, Cybersecurity, Information Security, Risk Management, or related discipline.
- 5–8 years of experience in Information Security Governance, Risk Management, Compliance, Internal Controls, Audit, or Cybersecurity.
- Hands on experience in implementing, managing, or maintaining ISMS based on ISO/IEC 27001.
- Experience in Qatar NIA framework implementation, compliance monitoring, control assessment, and audit readiness.
- Experience in PCI DSS compliance and certification implementation.
- Knowledge of Data Privacy and Protection requirements.
- Proven experience conducting information security risk assessments, risk treatment planning, and maintaining risk registers.
- Experience supporting or coordinating ICOFR reviews, audits, control testing, and remediation activities.
- Experience coordinating internal audits, external audits, certification audits, and regulatory assessments.
- Knowledgeable in reviewing audit evidence from various technology platforms.
Technical Knowledge
- Strong understanding of information security frameworks and standards (ISO 27001/27002, NIST, CIS Benchmarks).
- Mandatory hands on knowledge of cloud security environments, IAM and PAM technologies, DLP solutions, and enterprise productivity and collaboration platforms.
Preferred Certifications
- CISA, CISSP, CISM, CGEIT, cloud security certifications, ISO 27001 Lead Auditor or equivalent.
Apply for this job in 1 click
Skip the repetitive application forms
Install the Base Career Chrome Extension and autofill job applications across major job boards with your profile.
Trusted by over 500,000 job seekers on Base Career
More from this employer
More jobs at Starlink Qatar
Technical Analyst
Doha, QAT
Starlink Qatar is hiring a Technical Analyst to support service delivery administrative operations. The role requires 3+ years of IT experience, bilingual English and Arabic skills, and proficiency in MS Office Suite.
Field Force Manager
Doha, QAT
Starlink Qatar seeks a Field Force Manager to lead Enterprise Field Operations in a 24x7 Telecom Managed Services environment. The role is accountable for end-to-end field service delivery, SLA/KPI achievement, workforce
Service Delivery Manager
Doha, QAT
Starlink Qatar is seeking a Service Delivery Manager to lead end-to-end delivery of Enterprise ICT Managed Services. The role requires 12+ years in telecom, 5+ years as SDM, and ITIL 4 MP/SL and PMP certifications. Respo
Treasury Analyst
Doha, QAT
Starlink Qatar is looking for a Treasury Analyst to perform accurate and timely reconciliation of financial transactions across all major payment channels. This high-level analytical role requires deep expertise in treas
Cloud Architect
Doha, QAT
Starlink Qatar seeks a Cloud Architect to design, implement, and manage secure, scalable multi-cloud and hybrid-cloud architectures across Azure, GCP, and on-premises HCI platforms. The role requires deep expertise in cl
Network Technician
Doha, QAT
Starlink Qatar seeks an experienced Network Technician for expert installation, maintenance, and repair of passive network infrastructure including UTP, FOC, and LAN cabling. The role requires 8+ years of IT support expe
Senior TIBCO Developer (Remote)
Doha, QAT
We are looking for an experienced Senior Tibco Developer to join our team in a fully remote role. You will design, develop, test, and maintain Tibco integration solutions across complex enterprise environments, working w
Commercial Manager - Telecommunications
Doha, QAT
Starlink Qatar seeks a Commercial Manager to lead commercial, financial, and contractual management of large-scale Telecommunications and ICT projects. The role involves pricing strategies, financial modeling, contract n
Technical Analyst
Doha, QAT
Field Force Manager
Doha, QAT
Service Delivery Manager
Doha, QAT
Treasury Analyst
Doha, QAT
Cloud Architect
Doha, QAT
Network Technician
Doha, QAT
Senior TIBCO Developer (Remote)
Doha, QAT
Commercial Manager - Telecommunications
Doha, QAT