Managed Services – Cybersecurity Managed GRC Services & Awareness – Senior Associate

Job Summary:

What does this role aim to achieve in the firm/what impact does the role create 

This role requires a professional with 3–4 years of experience who can support clients in implementing and managing GRC solutions and developing awareness programs to strengthen cybersecurity resilience. Proficiency in tools such as RSA Archer, ServiceNow, and MS Purview is essential, and familiarity with awareness platforms like KnowBe4, CoFense, or ProofPoint is an added advantage. The ideal candidate will have experience in delivering cybersecurity managed services.

Roles and Responsibilities:

Daily tasks and delivery expectation 

Managed GRC Services Delivery:

• Lead the implementation, operation, and continuous improvement of GRC platforms such as RSA Archer, ServiceNow, and MS Purview in a managed services capacity.

• Perform risk assessments, compliance tracking, and audits to help clients manage regulatory requirements and mitigate risks effectively.

• Design and maintain workflows, dashboards, and reporting systems that align with client needs and industry best practices.

Compliance and Risk Management:

• Develop and implement governance frameworks tailored to client industries and regional regulatory requirements.

• Support clients in aligning with standards such as ISO 27001, NIST CSF, and CIS Controls, ensuring GRC processes remain scalable and sustainable.

• Monitor and track risks, controls, and remediation plans, providing regular updates and actionable recommendations to clients.

Client Collaboration:

• Act as a GRC advisor for clients, delivering insights into risk and compliance gaps and offering strategic recommendations to strengthen security postures.

• Deliver regular reports showcasing performance metrics, compliance trends, and areas of improvement to demonstrate the value of managed GRC services.

Service Optimization:

• Continuously refine managed GRC services to improve efficiency, scalability, and client satisfaction.

• Leverage automation tools and integrations to reduce manual efforts and enhance the effectiveness of GRC processes.

Awareness Program Support (Secondary Focus):

• Provide supplementary support for managed cybersecurity awareness programs using tools like KnowBe4, CoFense, and ProofPoint, when required.

• Assist in integrating awareness components into broader GRC frameworks to enhance organizational security culture.

Expected Skills:

Specific learned abilities or technical skills 

• Hands-on experience with GRC platforms such as RSA Archer, ServiceNow, and MS Purview for risk and compliance management.

• Familiarity with awareness platforms like KnowBe4, CoFense, or ProofPoint (preferred).

• Knowledge of cybersecurity frameworks such as ISO 27001, NIST CSF, and CIS Controls.

• Understanding of phishing simulation tools, regulatory compliance requirements, and risk assessment methodologies.

• Strong analytical skills to interpret data and provide actionable recommendations.

• Excellent communication and presentation skills to convey GRC and awareness insights to clients and stakeholders.

• Ability to manage multiple projects and priorities in a dynamic environment.

• Proactive mindset with a focus on delivering measurable results.

Expected Competencies:

Values, behaviors & attitude

• Leadership

• Strategic mindset 

• Stakeholder management

• Ability to influence

• Communicate with impact 

• Project management

• Results driven

• Drive organizational excellence

Required Language Skills:

Proficient in written and spoken English. Arabic is a plus

Minimum Education and Specific Qualification:

• Bachelor’s degree in Cybersecurity, Information Technology, or a related field.

• Relevant certifications such as CompTIA Security+, CEH, or equivalent.

• 3–4 years of experience in cybersecurity, with a focus on GRC services or awareness program development.

Years of Experience: 3-4 years