Cybersecurity GRC Specialist

We don’t think about job roles in a traditional way. We are anti-silo. Anti-career stagnation. Anti-conventional. 

Beyond ONE is a digital services provider radically reshaping the personalised digital ecosystems of consumers in high growth markets around the world. We’re building a digital services aggregator platform, with a strong telco foundation, and a profitable growth strategy that empowers users to drive their own experience—subscribe once, source from many, and only pay for what you actually use. 

Since being founded in 2021, we’ve acquired Virgin Mobile MEA, Friendi Mobile MEA and Virgin Mobile LATAM (with 6.5 million subscribers) and 1600 dedicated  colleagues across Chile, Colombia, KSA, Kuwait, Mexico, Oman and UAE. 

To disrupt for good takes a rebellious spirit, a questioning mind and a warm heart. We really care about how to get things done and not who manages who. We benefit from our diversity, and together, we disrupt the way we and others thinkin about our lives for good.  

Do you want to exchange ideas, learn from each other and leave your mark on our journey? This is the place for you. 

Why this role matters:

As a Cybersecurity GRC (Governance, Risk, and Compliance) Professional, you will play a key role in developing and overseeing the organization's cybersecurity governance, risk management, and compliance programs. Your contributions will help shape the cybersecurity posture of the organization, ensuring compliance with CRF, CSCC, ECC, NDMO, and other regulatory requirements while mitigating risks that could impact business operations.

What success looks like:

In your first year, you will:

• Develop and implement cybersecurity policies and procedures that align with industry best practices and regulatory requirements.
• Enhance the organization’s risk management framework, ensuring vulnerabilities are identified, tracked, and mitigated.
• Strengthen compliance and risk reporting mechanisms, providing clear visibility into cybersecurity risks for senior leadership.

Why this is for you:

If you're keen on solving complex cybersecurity challenges while ensuring regulatory compliance, hit us up. We're looking for someone ready to tackle this challenge head-on and make an impact from day one.

Key Responsibilities

In this role, you will:

• Develop and maintain cybersecurity policies, standards, and guidelines, ensuring alignment with industry frameworks and regulatory requirements.
• Conduct technical and IT risk assessments, identifying vulnerabilities in the organization’s systems and recommending mitigation strategies.
• Monitor and report on cybersecurity risks and compliance issues, ensuring proactive risk management.
• Collaborate with IT and business stakeholders to integrate cybersecurity governance with business objectives.
• Maintain and manage the risk register, ensuring risks are documented, assessed, and tracked in alignment with the risk management framework.
• Perform continuous follow-ups, conduct regular meetings, and escalate unresolved risks to leadership as necessary.
• Develop and implement the security awareness program, providing guidance and training to employees on cybersecurity policies and procedures.
• Support incident response activities, participating in investigations and post-incident reviews to enhance security measures.
• Engage with external auditors and regulatory bodies, ensuring compliance with cybersecurity laws and standards.
• Stay current on cybersecurity trends and best practices, proactively integrating new security measures into the organization.
   

Qualifications & Attributes:

We’re seeking someone who embodies the following:

Education:

• Bachelor’s degree in Computer Science, Information Technology, or a related field.

Experience:

• 5–8 years of experience in cybersecurity governance, risk management, and compliance (GRC).

Technical Skills:
Must-haves:

• Strong knowledge of cybersecurity frameworks and standards such as NIST, ISO 27001, PCI DSS.
• Experience implementing and managing GRC tools and software.
• Proficiency in conducting risk assessments and developing mitigation strategies.

Nice-to-haves:

• Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM) certification.
• Familiarity with regulatory compliance standards in cybersecurity across different industries.

Unique Attributes:

• Thrives in high-stakes environments, balancing compliance with business needs.
• Possesses strong analytical and problem-solving skills to assess and address security risks.
• Excels in cross-functional collaboration, effectively communicating cybersecurity requirements to technical and non-technical stakeholders.

What we offer:

• Rapid learning opportunities - we enable learning through flexible career paths, exposure to challenging & meaningful work that will help build and strengthen your expertise.
• Hybrid work environment - flexibility to work from home 2 days a week.
• Healthcare and other local benefits offered in market.

By submitting your application, you acknowledge and consent to the use of Greenhouse & BrightHire during the recruitment process. This may include the storage and processing of your data on servers located outside your country of residence. For further information, please contact us at dataprivacy@beyond.one.