IT GRC Specialist

IT GRC Specialist

Company Description

Morison Menon Chartered Accountants and Partners is a prestigious professional services firm in Qatar. With operations since 2007, we offer a host of services including audit, advisory, and AML policy formulation. Our experts leverage their extensive industry experience to deliver cutting-edge services with a global presence spanning 88 countries.

Role Description

This is a full-time on-site role for an IT GRC Specialist at Morison & Partners in Doha, Qatar. The IT GRC Specialist will be responsible for network administration, troubleshooting, ensuring network security, and providing high-quality customer service.

- Assessing and analyzing IT systems, processes,





and controls to identify areas of risk and non-compliance.
- Developing and implementing IT governance frameworks and strategies to ensure adherence to regulatory requirements, industry standards, and best practices.
- Conducting risk assessments and gap analyses to identify vulnerabilities and recommend mitigation measures.
- Collaborating with cross-functional teams to design and implement IT controls and security measures.
- Providing guidance and support in the development and implementation of IT policies, procedures, and processes.
- Monitoring and evaluating the effectiveness of IT controls and compliance programs.
- Conducting audits and assessments to ensure compliance with internal policies and external regulations.
- Providing recommendations for improving IT governance, risk management, and compliance practices.
- Keeping up to date with industry trends and emerging technologies in IT GRC.
- Training and educating staff on IT governance, risk management, and compliance practices.

Qualifications







- Bachelor’s degree in computer science, Information Systems, or a related field.
- Proven experience working as an IT GRC Specialist or in a similar role with a minimum of 8 years of experience.
- In-depth knowledge of IT governance, risk management, and compliance frameworks (e.g., COBIT, ISO 27001, NIST).
- Familiarity with industry regulations and standards (e.g., GDPR, HIPAA, PCI DSS).
- Strong understanding of IT security principles and best practices.
- Excellent analytical and problem-solving skills.
- Ability to communicate complex IT concepts to non-technical stakeholders.
- Strong attention to detail and organizational skills.
- Professional certifications such as CISA, CISM, CISSP, or CRISC are preferred.
- Language - English