Companies Nawy Real Estate Cyber Security GRC Lead

About the role

Nawy Real Estate

We are seeking an experienced GRC Lead to drive governance, risk, and compliance activities

in Nawy. This role ensures that security risks are identified, assessed, and managed while

maintaining compliance with relevant regulatory and industry standards.

The GRC lead leads the risk governance initiatives, oversees audits, develops policies,

manages security awareness, and partners closely with engineering, product, and legal teams

to ensure secure-by-design operations across the entire organization.

Responsibilities

● Maintain an enterprise-wide information security governance & ISMS framework that

aligns with business objectives, regulatory requirements, and industry best practices.

● Develop, maintain, and enforce security policies, standards, and procedures.

● Lead strategic planning initiatives for security risk management, ensuring alignment

with ISO 27001 requirements.

● Design, implement, and manage a security risk management framework that includes

risk assessments, control evaluations, and mitigation strategies.

● Oversee and continuously improve the processes for vendor security risk assessments,

ensuring third-party risks are effectively managed.

● Develop and monitor key risk indicators (KRIs) and performance metrics to evaluate the

effectiveness of security controls and risk mitigation efforts.

● Oversee the development, implementation, and ongoing management of the

organization’s security policies.

● Prepare and lead the organization’s readiness for external and internal security audits,

including ISO 27001 certification audits.

● Build and run security awareness and phishing simulation programs and promote an

organization-wide culture of security accountability.

● Ensure ongoing compliance with local regulatory frameworks, including those issued by

CBE, FRA, and related bodies.

Requirements

● At least 4 years of experience in GRC, information security risk management or security

compliance roles.

● Certifications: Relevant certifications such as CISSP, CISM, CRISC, or CISA are

preferred.

● Demonstrated experience with ISO 27001 implementation, security audits, and vendor

security risk assessments.

● Solid understanding of cloud architectures and security controls across AWS and

Google Cloud Platform (GCP).

● Familiarity with regulatory requirements in Egypt and international data protection

laws.

● University/college degree in a relevant professional field.

● Excellent communication skills in English, both written and spoken.

Ready to apply to Nawy Real Estate?
Apply to Nawy Real Estate

Similar jobs

Sign up for suggestions tailored to the jobs you open and the searches you save.

Apply now
🤖

Whoa — hold up

JobsRadar was built for real people having a rough time in their job search — not for automated requests. You're clicking way too fast and you're now temporarily blocked.

Come back later. If you're genuinely job hunting, we've got your back — just act like a human.

Catch your next role the second it’s posted.

Create a free account and we’ll watch the boards for you — the instant a job matches your search, it lands in your inbox or Telegram. No digging, no refreshing.

Create free account

Free forever · takes 30 seconds · already have one?

Get the worldwide-remote edge.

Join our Telegram channel for the stuff that helps you land the role — salary benchmarks, the weekly market pulse, and new-feature drops. No spam, just signal.

Join the channel — it's free