# Information Security Governance Analyst > SSC HR Solutions · Al Obour City, Egypt · — · Posted 2026-03-18 **Workplace:** on_site **Department:** Information Technology ## Description **Job Purpose:** Support the implementation, monitoring, and continuous improvement of information security governance, risk management, and compliance program. This role contributes directly to maintaining ISO 27001:2022 certification, supporting surveillance and external audits, driving KPI/KRI reporting, and enabling the maturity and scalability of GRC processes. Job Responsibilities: ▪ Support the development, implementation, and enhancement of the Information Security Management System (ISMS) in line with ISO 27001:2022 . ▪ Assist in maintaining GRC policies, procedures, and standards aligned with regulatory and business requirements ▪ Gather and report on security-related KPIs and KRIs to monitor control effectiveness and program health ▪ Participate in risk assessments, maintain the risk register, and support mitigation tracking ▪ Contribute to internal and external audit readiness, including ISO surveillance visits ▪ Collaborate with internal stakeholders to promote security awareness and compliance culture ▪ Support the implementation and use of GRC platforms (e.g., ServiceNow GRC, Archer, OneTrust) ▪ Engage with ongoing projects to support secure development practices, compliance checks, and risk registers ▪ Prepare documentation and participate in quarterly ISMS and GRC reporting cycles ▪ Operates under the direction of the GRC Manager with a focus on execution and coordination, not strategic program ownership **Job Skills and Abilities:** \-        Basic understanding of ISO 27001and risk frameworks \-        Awareness of data protection laws \-         Familiarity with risk management processes \-        Clear communication and cross-functional collaboration \-        Analytical and documentation skills \-        Process-focused, detail-oriented mindset \-        Ability to coordinate across departments on compliance topics \-        Ability to manage multiple assignments under supervision \-        Ability to collect and maintain reliable compliance data ## Requirements **Qualifications**: \-        Bachelor’s degree in computer science engineering \-        2–6 years of experience in information security, risk management, or GRC roles \-        Exposure to ISO 27001. \-        Experience with GRC platforms (e.g., ServiceNow GRC, Archer, OneTrust) is a plus \-        Certifications preferred: ISO/IEC 27001 Foundation or Implementer, CompTIA Security+, CISA, CRISC ## Apply [Apply at SSC HR Solutions](https://apply.workable.com/ssc-hr/j/7B51821B3A/apply) --- Powered by [Workable](https://www.workable.com)