Governance, Risk and Compliance (GRC) professional with hands-on experience supporting ISO 27001 implementation and Central Bank of Jordan (CBJ) cybersecurity requirements. Currently working as a GRC Officer, contributing to risk assessment, control design, policy development, and compliance reporting.
GRC Officer with experience in supporting ISMS implementation and continuous improvement aligned with ISO/IEC 27001:2022 and CBJ cybersecurity regulations. Experienced in conducting risk assessments, maintaining risk registers, supporting internal controls alignment, and preparing audit/compliance evidence. Strong documentation, reporting, and stakeholder engagement skills, with a solid technical security foundation (basic SIEM monitoring, log analysis, and vulnerability scanning support).
- Supported ISO 27001 ISMS implementation and continuous improvement, including documentation and evidence readiness for assessments/audits.
- Conducted information security risk assessments and updated the risk register with owners and treatment plans.
- Assisted in aligning internal controls with CBJ cybersecurity requirements and documenting compliance evidence.
- Drafted, reviewed, and updated information security policies, procedures, and guidelines.
- Performed gap analyses against ISO 27001/CBJ requirements and supported control matrices and compliance reports.
- Supported security operations tasks (log monitoring, vulnerability scan documentation, remediation tracking) during an IT security internship.