GRC Commercial Lead

• Lead end‑to‑end implementation of ISO 27001/27701 standards including scoping, planning, and execution

• Conduct comprehensive risk assessments and develop mitigation plans aligned with control frameworks

• Develop, review, and update information security policies, procedures, and guidelines in compliance with ISO standards

• Plan and conduct internal ISMS audits and monitor corrective and preventive actions (CAPAs)

• Deliver training and awareness sessions on information security roles, responsibilities, and best practices

• Prepare regular status reports and presentations for senior leadership on ISMS progress and compliance