
Our application process

At Alshaya, we make thousands of job offers every year, and we look forward to welcoming successful candidates to our growing business.

Here are some important facts you need to know about our processes, so you can be sure that your job offer is genuine.

  • We never ask candidates to pay fees or send us money.
  • We never ask candidates to give personal information such as date of birth, address, passport details, bank details, etc.
  • You always deal directly with us and all communication will come from an official ‘@alshaya.com’ email address, or through an affiliated Alshaya agency. To check if you’re dealing with an affiliate, you can email us at alshayajobs@alshaya.com

Receiving a job offer

If your job offer seems too good to be true, it probably is. There are three key things to remember if you suspect an offer is not genuine:

  • Do not contact the original sender
  • Do not provide any personal information
  • Do not make any payment

If you have concerns and wish to confirm a job offer is genuine, email us at alshayajobs@alshaya.com. Please include a photo or screenshot of the message you have received (please do not forward the original).

Note: Please do not send your CV to the email address listed above as it will not be considered as an application for work.




Administrator-Information Security - Information Security & Risk - Egypt

Job Number: 4642036
Work type: Permanent - Full Time
Location: Egypt
Categories: IT

Role Profile:
The GRC Admin will be responsible for implementing, interpreting, and ensuring compliance with information security policies. The role covers assessing and prioritizing cybersecurity risks, supporting regulatory compliance, reporting security metrics, maintaining governance standards, conducting risk assessments for internal systems and third-party vendors, enforcing security policies, and advising leadership on risk strategies such as mitigation, reduction, transfer, exception handling, and residual risk analysis.

The key performance areas below include, but are not limited to:

  • Implement a data security & privacy risk reporting framework aligned with ISO standards.
  • Design and document controls to ensure compliance with regulatory and internal requirements.
  • Facilitate remediation of control gaps and escalate critical issues to leadership.
  • Manage exception review processes and ensure periodic documentation and review.
  • Prepare for and support regulatory examinations such as PCI DSS.
  • Collaborate with auditors and control owners to ensure timely completion of requests.
  • Monitor and analyze information security metrics to evaluate program effectiveness.
  • Conduct risk assessments to identify vulnerabilities in systems and third-party products.
  • Recommend and implement controls to mitigate identified security risks.
  • Communicate risk findings and actionable recommendations to stakeholders.
  • Support workforce security initiatives including awareness and training programs.
  • Facilitate eDiscovery and data collection for investigations of policy violations.
  • Analyze security incidents and coordinate remediation and awareness efforts.
  • Contribute to the development and lifecycle management of security policies and procedures.
  • Collaborate across the organization to implement and enforce security policies.

Knowledge:

  • Understanding of ISO standards and frameworks for information security risk reporting.
  • Knowledge of designing and implementing technical, administrative, and physical security controls.
  • Familiarity with regulatory compliance requirements (e.g., GDPR, PCI DSS) and audit processes.
  • Experience in managing exception handling processes and compliance documentation.
  • Ability to evaluate and improve the effectiveness of information security programs using metrics.
  • Proficiency in conducting and documenting information security risk assessments.
  • Knowledge of risk mitigation strategies and control implementation.
  • Strong communication skills to convey risk findings and recommendations to stakeholders.
  • Awareness of workforce security practices, including training and awareness programs.
  • Experience with eDiscovery processes and handling policy violation investigations.
  • Analytical skills for incident analysis and coordination of remediation efforts.
  • Understanding of policy development, lifecycle management, and enforcement.
  • Ability to collaborate across departments to implement security policies effectively.

Experience:

  • 2 years' experience in the information security domain
  • Graduation Degree/BTech, Computer Science
  • Security+ and networking certifications are an added advantage.

Skills:
  • Strong knowledge of information security governance, risk assessment, and compliance frameworks (e.g., GDPR, PCI DSS).
  • Ability to develop, implement, and manage security policies, controls, and awareness programs.
  • Proficiency in conducting risk assessments and analysing security metrics to support decision-making.
  • Excellent communication and collaboration skills for working with leadership, auditors, and cross-functional teams.

Advertised: Egypt Daylight Time
Applications close: Egypt Daylight Time
