**Job Code:** \[T24\-002\-GRC\-Mid] **Job Type:** Hybrid (Office and Remote) **Location:** HQ, Cairo, Egypt **Job Description:** Cyber Force, a leading Managed Security Service Provider (MSSP) and Managed Detection and Response (MDR) provider, is seeking a proactive and knowledgeable Mid\-Level Cybersecurity Governance, Risk, and Compliance (GRC) Analyst. In this pivotal role, you’ll have the opportunity to help shape the cybersecurity posture and compliance strategies of our diverse client base. Your work will span across various industries, helping clients navigate complex regulatory landscapes and bolster their defenses against cyber threats. **Responsibilities:** * Conduct comprehensive risk assessments, identifying vulnerabilities and advising on mitigation strategies to enhance client security postures. * Drive compliance initiatives, ensuring alignment with standards such as PCI\-DSS, ISO27001, and GDPR across client environments. * Participate in the development and review of security policies and procedures, offering expert guidance to ensure best practices are implemented. * Engage in cybersecurity consultation services, including Infrastructure Assessment, Information Security Governance, and Compliance reviews, providing tailored recommendations to meet each client’s unique needs. * Facilitate security awareness training, developing and delivering content that educates customers on the latest cybersecurity threats and prevention techniques. * Collaborate with cross\-functional teams to promote a culture of security and compliance, leveraging your expertise to support both offensive and defensive cybersecurity activities. **Qualifications:** * Strong problem\-solving skills and the ability to think analytically. * Proficient in English, with excellent presentation and communication skills. * A Bachelor’s degree in Computer Science, Information Technology, or a related field. * 2\-3 years of experience in a GRC role within the cybersecurity field. * Familiarity with GRC frameworks and standards, with a solid understanding of regulatory compliance requirements. * Experience with risk management processes and the development of policies and procedures. * Understanding of cybersecurity and IT infrastructure concepts, including Firewalls, IDS/IPS, VPN, and Data Loss Prevention. * Knowledge of security incident handling and response procedures. * Relevant certifications (e.g., CISA, CISSP, CRISC) are highly desirable.