14 Compliance jobs in Kuwait

Responsibilities Government Relations & Compliance Management: Establish and maintain connections with key government departments related to food delivery. Navigate local regulatory frameworks, ensuring Keeta is fully compliant with transportation, health and labor laws. Act as the main liaison between Keeta and logistic relevant authorities to facilitate business operations and approvals. Ensure that all compliance processes are properly documented and followed.

Regulatory & Legal Support: Provide guidance and support in obtaining necessary permits and certifications, including health cards for riders and food safety approvals for delivery operations. Assist in the preparation and submission of regulatory filings and documentation to local authorities. Keep track of any changes in relevant laws and regulations and advise internal teams on necessary adaptations.

Process Optimization: Collaborate with local authorities to streamline the compliance process and ensure timely approvals for new operations or service expansions. Identify potential risks or gaps in compliance and propose solutions to mitigate these risks effectively.

Qualifications

Experience:

At least 2 years of experience in government relations, regulatory affairs, or similar roles.

Experience working with local authorities, particularly in sectors such as transportation, delivery regulations in Kuwait, is highly preferred.

Familiarity with the Kuwaiti delivery industry and its regulatory landscape is a strong plus.

Skills:

Strong communication and interpersonal skills to build relationships with key stakeholders.

Ability to navigate complex regulatory environments and identify opportunities for process improvement.

Proficiency in English; Arabic is a plus.

Knowledge of Kuwait’s labor and transportation.

Education:

Bachelor’s degree in Law, Public Administration, Business, or a related field.

Relevant certifications or experience in regulatory affairs or compliance are a plus.

#J-18808-Ljbffr

Field:

Corporate

Contract Type:

Full Time - Permanent

Location:

Closing Date:

21-Sep-2025

The Company

Ooredoo is an organization on the move. Thanks to our dedicated employees, we continue to move closer towards our vision to be among the top 20 telecommunications companies in the world by 2020.

We are a dynamic global telecommunications player operating in 17 countries across the Middle East, North Africa (MENA) and Asia. We cover a population of more than half a billion people and serve more than 68 million customers.

In Kuwait, we employ approximately 1,000 talented people, all of whom are driving Ooredoo to be the number one choice for world-class communications services in Kuwait. In the face of intensifying competition, increasingly sophisticated technology and rising customer expectations, nothing is more important to our success than our team – and it's a team that you can be part of.

Ooredoo's future is bright, and you can be part of our ongoing success

The Role

Develop and execute an effective and robust strategy for enterprise risk management in OK. In addition to put in place risk awareness, identification and resolution processes across all parts of the organisation which will ensure risk is mitigated in all parts of the business limiting revenue losses and maximizing returns, with strong emphasis on educating and implementing systems which will continually strengthen and improve ERM awareness and successes

Key Accountabilities

Development and implementation of company level ERM strategy and Road Maps and ensuring they are effectively executed. Including leading and supporting the initiative to increase the level of Risk Management Maturity level in accordance with approved Board and Group guidance.

support the business to implement effective risk registers that will enable the development and maintenance of a company-wide risk register

Ensuring the integration of risk management into the business processes to assist in the risk management decision making based upon identified key risks, both specific and general.

Work closely with the management to identify, prioritize, analyse, treat, monitor, validate and address strategic, financial, compliance and operational risk across all facets of the business.

Participate in development and dissemination of communications across the organization to promote and build a proactive approach to risk identification and mitigation.

Providing information on program status of ERM initiatives.

Benchmark Risk Management practices, providing strategies for improvements where needed.

Ensure the compliance of OK activities with the approved Group ERM framework.

Ensure the implementation of ERM best practice.

Participate in global telecommunication forums and risk management educational programs to stay abreast of emerging issues affecting the telecommunication industry.

Pursue professional development opportunities, including external and internal training and professional association memberships, and shares information gained with co-workers.

Proactively take responsibility for self-improvement by staying well-informed of developments, knowledge and innovations in relevant field of expertise.

Other duties as directed by the Head of Risk Management.

Qualifications & Requirements

Bachelor's degree business/accounting/finance/risk management or economics related discipline, or Computer Science /Operational Management.

Professional qualifications in risk management, would be an advantage.

At least 6 years’ experience directly related to Enterprise Risk Management, preferably in the telecommunications industry.

Proven demonstrable experience in developing ERM strategies and processes.

Significant knowledge of Risk Management models and their implementation.

Other Information

Development of ERM strategies, road maps and Risk Appetite.

Risk Identification and prioritization.

Quantitative and Qualitative Risk Analysis.

Treatment options and Risk Monitoring.

Establishment of Risk Registers and ERM Management tools.

Strong interpersonal and communication skills and the ability to work effectively with a wide range of cultures in a diverse community, including ability to foster a cooperative work environment.

Ability to make effective and persuasive speeches and presentations to boards and senior management.

Ability to conduct risk awareness and risk analysis workshops.

A complete understanding of ISO 3100 and COSO Frameworks.

Mature ability to work collaboratively with management teams throughout the organization and to be seen as a valuable expert resource.

Business & Financial Acumen

Understand risk management model; adapt a model to the organization’s needs; understand how risk creates value. Know the risk management process of creating a risk program, analysing risks, identifying solutions, using a decision process, and system administration.

Link risk initiatives into critical business drivers; perform risk identification, measurement, and analysis applying statistical concepts; create valid risk forecasts; perform risk mapping and risk profiling; determine the cost of risk.

The ability to apply risk control theories to create prevention, reduction, enablement, and enhancement tactics; can create emergency response and business continuity plans.

Understand the techniques, frameworks and processes for optimizing risk taking decisions within the organization.

Understand how to successfully design and implement projects; can prepare risk management report.

Implement and operate comprehensive risk management systems

Note: you will be required to attach the following: #J-18808-Ljbffr

Field: Corporate Contract Type: Full Time - Permanent Location: Closing Date: 21-Sep-2025 The Company

Ooredoo is an organization on the move. Thanks to our dedicated employees, we continue to move closer towards our vision to be among the top 20 telecommunications companies in the world by 2020. We are a dynamic global telecommunications player operating in 17 countries across the Middle East, North Africa (MENA) and Asia. We cover a population of more than half a billion people and serve more than 68 million customers. In Kuwait, we employ approximately 1,000 talented people, all of whom are driving Ooredoo to be the number one choice for world-class communications services in Kuwait. In the face of intensifying competition, increasingly sophisticated technology and rising customer expectations, nothing is more important to our success than our team – and it's a team that you can be part of. Ooredoo's future is bright, and you can be part of our ongoing success The Role

Develop and execute an effective and robust strategy for enterprise risk management in OK. In addition to put in place risk awareness, identification and resolution processes across all parts of the organisation which will ensure risk is mitigated in all parts of the business limiting revenue losses and maximizing returns, with strong emphasis on educating and implementing systems which will continually strengthen and improve ERM awareness and successes Key Accountabilities

Development and implementation of company level ERM strategy and Road Maps and ensuring they are effectively executed. Including leading and supporting the initiative to increase the level of Risk Management Maturity level in accordance with approved Board and Group guidance. support the business to implement effective risk registers that will enable the development and maintenance of a company-wide risk register Ensuring the integration of risk management into the business processes to assist in the risk management decision making based upon identified key risks, both specific and general. Work closely with the management to identify, prioritize, analyse, treat, monitor, validate and address strategic, financial, compliance and operational risk across all facets of the business. Participate in development and dissemination of communications across the organization to promote and build a proactive approach to risk identification and mitigation. Providing information on program status of ERM initiatives. Benchmark Risk Management practices, providing strategies for improvements where needed. Ensure the compliance of OK activities with the approved Group ERM framework. Ensure the implementation of ERM best practice. Participate in global telecommunication forums and risk management educational programs to stay abreast of emerging issues affecting the telecommunication industry. Pursue professional development opportunities, including external and internal training and professional association memberships, and shares information gained with co-workers. Proactively take responsibility for self-improvement by staying well-informed of developments, knowledge and innovations in relevant field of expertise. Other duties as directed by the Head of Risk Management. Qualifications & Requirements

Bachelor's degree business/accounting/finance/risk management or economics related discipline, or Computer Science /Operational Management. Professional qualifications in risk management, would be an advantage. At least 6 years’ experience directly related to Enterprise Risk Management, preferably in the telecommunications industry. Proven demonstrable experience in developing ERM strategies and processes. Significant knowledge of Risk Management models and their implementation. Other Information

Development of ERM strategies, road maps and Risk Appetite. Risk Identification and prioritization. Quantitative and Qualitative Risk Analysis. Treatment options and Risk Monitoring. Establishment of Risk Registers and ERM Management tools. Strong interpersonal and communication skills and the ability to work effectively with a wide range of cultures in a diverse community, including ability to foster a cooperative work environment. Ability to make effective and persuasive speeches and presentations to boards and senior management. Ability to conduct risk awareness and risk analysis workshops. A complete understanding of ISO 3100 and COSO Frameworks. Mature ability to work collaboratively with management teams throughout the organization and to be seen as a valuable expert resource. Business & Financial Acumen Understand risk management model; adapt a model to the organization’s needs; understand how risk creates value. Know the risk management process of creating a risk program, analysing risks, identifying solutions, using a decision process, and system administration. Link risk initiatives into critical business drivers; perform risk identification, measurement, and analysis applying statistical concepts; create valid risk forecasts; perform risk mapping and risk profiling; determine the cost of risk. The ability to apply risk control theories to create prevention, reduction, enablement, and enhancement tactics; can create emergency response and business continuity plans. Understand the techniques, frameworks and processes for optimizing risk taking decisions within the organization. Understand how to successfully design and implement projects; can prepare risk management report. Implement and operate comprehensive risk management systems Note: you will be required to attach the following: #J-18808-Ljbffr

Senior Information Security Analyst - Compliance & GRC

We are seeking a highly experienced and results-driven Senior Information Security Analyst to serve as our central Governance, Risk, and Compliance (GRC) resource. This is a pivotal role responsible for the overall design, maintenance, and enhancement of the organization's security and resilience frameworks. The core purpose of this position is to ensure continuous compliance with all relevant international and local standards, with a specific focus on leading our audit readiness and certification efforts.

Your Responsibilities

• Compliance and GRC Management: Establish, maintain, and enhance the organization's Information Security Management System (ISMS) and Business Continuity & Supply Chain Management (BCSM) frameworks
• Ensure the organization's compliance with all relevant local, regional, and international regulations and standards, ISO 27001, ISO 22301
• Act as the primary auditee and point of contact for all internal and external information security audits
• Proactively identify, assess, and manage information security and business continuity risks to protect the organization's information assets
• Drive a culture of security and resilience across the organization

Security Controls & Technical Oversight

• Conduct security assessments and audits of various IT platforms, including cloud infrastructure, on-premise servers (Windows, Linux), databases, and network devices
• Utilize or interpret reports from vulnerability scanners and penetration testing tools to identify and prioritize security weaknesses
• Evaluate and enforce robust Identity and Access Management (IAM) controls, including role-based access control (RBAC) and multi-factor authentication (MFA)
• Review and ensure the security of cloud deployments (IaaS, PaaS, SaaS), including security groups, IAM policies, and logging
• Apply strong knowledge of secure configuration baselines and hardening standards (CIS Benchmarks) for operating systems, web servers, and network equipment

Role Summary

We are seeking a highly experienced and results-driven Senior Information Security Analyst to serve as our central GRC resource. This is a pivotal role responsible for the overall design, maintenance, and enhancement of the organization's security and resilience frameworks. The core purpose of this position is to ensure continuous compliance with all relevant international and local standards, with a specific focus on leading our audit readiness and certification efforts.

Your Qualifications

• Education: Candidate must possess at least a Bachelor of Science or Bachelor of Computer Application
• Experience: A minimum of 5 - 10 years of experience in a similar environment
• Domain: Experience in Government Sector or Private Sector with Enterprise data Center Security Compliance
• Certifications: Essential certifications include ISO 27001, ISO 22301, CISSP, and CISA
• Language: Must be fluent in English, with Arabic as an added advantage.

Your Competencies

• Technical: Security Frameworks & Standards: Pro­found knowledge of ISO 27001, NIST, and CIS
• Security Controls: A solid understanding of network security (Firewalls, IDS/IPS), Endpoint Security (EDR), IAM principles, and Cryptography
• Tools: Practical experience with Vulnerability and Risk Assessment Tools and familiarity with SIEM platforms
• Software Proficiency: Experience with GRC Platforms and documentation tools (Microsoft Office Suite, SharePoint, Jira, Confluence)

Behavioral

• Teamwork and Collaboration
• Quality and Results focused
• Learning Agility
• Business Acumen
• Decision Making
• Digital Savvy
• Agility and Adaptability
• Negotiation and influence
• Planning and Organizing

Seniority level

• Mid-Senior level

Employment type

• Full-time

Job function

• Information Technology

Industries

• Transportation, Logistics, Supply Chain and Storage

Referrals increase your chances of interviewing at Agility by 2x

#J-18808-Ljbffr

Role Summary:

We are seeking a highly experienced and results-driven Senior Information Security Analyst to serve as our central Governance, Risk, and Compliance (GRC) resource. This is a pivotal role responsible for the overall design, maintenance, and enhancement of the organization's security and resilience frameworks. The core purpose of this position is to ensure continuous compliance with all relevant international and local standards, with a specific focus on leading our audit readiness and certification efforts.

Your Responsibilities:

Compliance and GRC Management

• Establish, maintain, and enhance the organization's Information Security Management System (ISMS) and Business Continuity & Supply Chain Management (BCSM) frameworks
• Ensure the organization's compliance with all relevant local, regional, and international regulations and standards, ISO 27001, ISO 22301)
• Act as the primary auditee and point of contact for all internal and external information security audits
• Proactively identify, assess, and manage information security and business continuity risks to protect the organization's information assets
• Drive a culture of security and resilience across the organization

Security Controls & Technical Oversight

• Conduct security assessments and audits of various IT platforms, including cloud infrastructure, on‑premise servers (Windows, Linux), databases, and network devices.
• Utilize or interpret reports from vulnerability scanners and penetration testing tools to identify and prioritize security weaknesses
• Evaluate and enforce robust Identity and Access Management (IAM) controls, including role-based access control (RBAC) and multi-factor authentication (MFA)
• Review and ensure the security of cloud deployments (IaaS, PaaS, SaaS), including security groups, IAM policies, and logging
• Apply strong knowledge of secure configuration baselines and hardening standards (CIS Benchmarks) for operating systems, web servers, and network equipment

#J-18808-Ljbffr

Role Summary:

We are seeking a highly experienced and results-drivenSenior Information Security Analystto serve as our centralGovernance, Risk, and Compliance (GRC) resource. This is a pivotal role responsible for the overall design, maintenance, and enhancement of the organization's security and resilience frameworks. The core purpose of this position is to ensure continuous compliance with all relevant international and local standards, with a specific focus on leading our audit readiness and certification efforts.

Your Responsibilities: Compliance and GRC Management

• Establish, maintain, and enhance the organization's Information Security Management System (ISMS) and Business Continuity & Supply Chain Management (BCSM) frameworks
• Ensure the organization's compliance with all relevant local, regional, and international regulations and standards
• Act as the primary auditee and point of contact for all internal and external information security audits
• Proactively identify, assess, and manage information security and business continuity risks to protect the organization's information assets
• Drive a culture of security and resilience across the organization

Security Controls & Technical Oversight

• Conduct security assessments and audits of various IT platforms, including cloud infrastructure, on-premise servers (Windows, Linux), databases, and network devices.
• Utilize or interpret reports from vulnerability scanners and penetration testing tools to identify and prioritize security weaknesses
• Evaluate and enforce robust Identity and Access Management (IAM) controls, including role-based access control (RBAC) and multi-factor authentication (MFA)
• Review and ensure the security of cloud deployments (IaaS, PaaS, SaaS), including security groups, IAM policies, and logging
• Apply strong knowledge of secure configuration baselines and hardening standards for operating systems, web servers, and network equipment

Skills Your Qualifications:

• Education: Candidate must possess at least a Bachelor of Science or Bachelor of Computer Application
• Experience: A minimum of 5 - 10 years of experience in a similar environment
• Domain: Experience in Government Sector or Private Sector with Enterprise data Center Security Compliance
• Certifications: Essential certifications include ISO 27001, ISO 22301, CISSP, and CISA
• Language: Must be fluent in English, with Arabic as an added advantage.

Your Competencies: Technical:

• Security Frameworks & Standards: Profound knowledge of ISO 27001, NIST, and CIS
• Security Controls: A solid understanding of network security (Firewalls, IDS/IPS), Endpoint Security (EDR), IAM principles, and Cryptography
• Tools: Practical experience with Vulnerability and Risk Assessment Tools, and familiarity with SIEM platforms
• Software Proficiency: Experience with GRC Platforms, and documentation tools (Microsoft Office Suite, SharePoint, Jira, Confluence)

Behavioral:

• Teamwork and Collaboration
• Quality and Results focused
• Learning Agility
• Business Acumen
• Decision Making
• Digital Savvy
• Agility and Adaptability
• Negotiation and influence
• Planning and Organizing

#J-18808-Ljbffr

Role Summary

We are seeking a highly experienced and results-driven Senior Information Security Analyst to serve as our central Governance, Risk, and Compliance (GRC) resource. This is a pivotal role responsible for the overall design, maintenance, and enhancement of the organization's security and resilience frameworks. The core purpose of this position is to ensure continuous compliance with all relevant international and local standards, with a specific focus on leading our audit readiness and certification efforts.

Your Responsibilities

Compliance and GRC Management

• Establish, maintain, and enhance the organization's Information Security Management System (ISMS) and Business Continuity & Supply Chain Management (BCSM) frameworks
• Ensure the organization's compliance with all relevant local, regional, and international regulations and standards, ISO 27001, ISO 22301
• Act as the primary auditee and point of contact for all internal and external information security audits
• Proactively identify, assess, and manage information security and business continuity risks to protect the organization's information assets
• Drive a culture of security and resilience across the organization

Security Controls & Technical Oversight

• Conduct security assessments and audits of various IT platforms, including cloud infrastructure, on-premise servers (Windows, Linux), databases, and network devices.
• Utilize or interpret reports from vulnerability scanners and penetration testing tools to identify and prioritize security weaknesses
• Evaluate and enforce robust Identity and Access Management (IAM) controls, including role-based access control (RBAC) and multi-factor authentication (MFA)
• Review and ensure the security of cloud deployments (IaaS, PaaS, SaaS), including security groups, IAM policies, and logging
• Apply strong knowledge of secure configuration baselines and hardening standards (CIS Benchmarks) for operating systems, web servers, and network equipment

Your Qualifications

• Education: Bachelor of Science or Bachelor of Computer Applications
• Experience: A minimum of 5 - 10 years of experience in a similar environment
• Domain: Experience in Government Sector or Private Sector with Enterprise data Center Security Compliance
• Certifications: Essential certifications include ISO 27001, ISO 22301, CISSP, and CISA
• Language: Must be fluent in English, with Arabic as an added advantage.

Your Competencies

Technical:

• Security Frameworks & Standards: Profound knowledge of ISO 27001, NIST, and CIS
• Security Controls: A solid understanding of network security (Firewalls, IDS/IPS), Endpoint Security (EDR), IAM principles, and Cryptography
• Tools: Practical experience with Vulnerability and Risk Assessment Tools and familiarity with SIEM platforms
• Software Proficiency: Experience with GRC Platforms and documentation tools (Microsoft Office Suite, SharePoint, Jira, Confluence)

Behavioral:

• Teamwork and Collaboration
• Quality and Results focused
• Learning Agility
• Business Acumen
• Decision Making
• Digital Savvy
• Agility and Adaptability
• Negotiation and influence
• Planning and Organizing

#J-18808-Ljbffr

Role Summary: We are seeking a highly experienced and results-driven Senior Information Security Analyst to serve as our central Governance, Risk, and Compliance (GRC) resource. This is a pivotal role responsible for the overall design, maintenance, and enhancement of the organization's security and resilience frameworks. The core purpose of this position is to ensure continuous compliance with all relevant international and local standards, with a specific focus on leading our audit readiness and certification efforts.

Your Responsibilities: Compliance and GRC Management

Establish, maintain, and enhance the organization's Information Security Management System (ISMS) and Business Continuity & Supply Chain Management (BCSM) frameworks

Ensure the organization's compliance with all relevant local, regional, and international regulations and standards, ISO 27001, ISO 22301)

Act as the primary auditee and point of contact for all internal and external information security audits

Proactively identify, assess, and manage information security and business continuity risks to protect the organization's information assets

Drive a culture of security and resilience across the organization

Security Controls & Technical Oversight

Conduct security assessments and audits of various IT platforms, including cloud infrastructure, on‑premise servers (Windows, Linux), databases, and network devices.

Utilize or interpret reports from vulnerability scanners and penetration testing tools to identify and prioritize security weaknesses

Evaluate and enforce robust Identity and Access Management (IAM) controls, including role-based access control (RBAC) and multi-factor authentication (MFA)

Review and ensure the security of cloud deployments (IaaS, PaaS, SaaS), including security groups, IAM policies, and logging

Apply strong knowledge of secure configuration baselines and hardening standards (CIS Benchmarks) for operating systems, web servers, and network equipment

#J-18808-Ljbffr

Role Summary: We are seeking a highly experienced and results-drivenSenior Information Security Analystto serve as our centralGovernance, Risk, and Compliance (GRC) resource. This is a pivotal role responsible for the overall design, maintenance, and enhancement of the organization's security and resilience frameworks. The core purpose of this position is to ensure continuous compliance with all relevant international and local standards, with a specific focus on leading our audit readiness and certification efforts.

Your Responsibilities: Compliance and GRC Management

Establish, maintain, and enhance the organization's Information Security Management System (ISMS) and Business Continuity & Supply Chain Management (BCSM) frameworks

Ensure the organization's compliance with all relevant local, regional, and international regulations and standards

Act as the primary auditee and point of contact for all internal and external information security audits

Proactively identify, assess, and manage information security and business continuity risks to protect the organization's information assets

Drive a culture of security and resilience across the organization

Security Controls & Technical Oversight

Conduct security assessments and audits of various IT platforms, including cloud infrastructure, on-premise servers (Windows, Linux), databases, and network devices.

Utilize or interpret reports from vulnerability scanners and penetration testing tools to identify and prioritize security weaknesses

Evaluate and enforce robust Identity and Access Management (IAM) controls, including role-based access control (RBAC) and multi-factor authentication (MFA)

Review and ensure the security of cloud deployments (IaaS, PaaS, SaaS), including security groups, IAM policies, and logging

Apply strong knowledge of secure configuration baselines and hardening standards for operating systems, web servers, and network equipment

Skills Your Qualifications:

Education: Candidate must possess at least a Bachelor of Science or Bachelor of Computer Application

Experience: A minimum of 5 - 10 years of experience in a similar environment

Domain: Experience in Government Sector or Private Sector with Enterprise data Center Security Compliance

Certifications: Essential certifications include ISO 27001, ISO 22301, CISSP, and CISA

Language: Must be fluent in English, with Arabic as an added advantage.

Your Competencies: Technical:

Security Frameworks & Standards: Profound knowledge of ISO 27001, NIST, and CIS

Security Controls: A solid understanding of network security (Firewalls, IDS/IPS), Endpoint Security (EDR), IAM principles, and Cryptography

Tools: Practical experience with Vulnerability and Risk Assessment Tools, and familiarity with SIEM platforms

Software Proficiency: Experience with GRC Platforms, and documentation tools (Microsoft Office Suite, SharePoint, Jira, Confluence)

Behavioral:

Teamwork and Collaboration

Quality and Results focused

Learning Agility

Business Acumen

Decision Making

Digital Savvy

Agility and Adaptability

Negotiation and influence

Planning and Organizing

#J-18808-Ljbffr