Cybersecurity Specialist (Governance, Risk & Compliance)
C-Selection Technologies
Posted 30+ days ago
Nationality
Any Nationality
Gender
Not Mentioned
Vacancy
1 Vacancy
Job Description
Roles & Responsibilities
The Cybersecurity GRC Specialist is responsible for developing and maintaining the organization's cybersecurity policies, ensuring regulatory compliance, conducting risk assessments, and managing third-party security evaluations. This role plays a key part in aligning the organization with national and international cybersecurity standards, such as NCA ECC, SAMA CSF, ISO 27001, and NIST.
Governance & Compliance
- Develop, review, and maintain cybersecurity policies, standards, and procedures in accordance with NCA guidelines, ISO 27001, NIST,
- Ensure compliance with Saudi cybersecurity regulations including NCA Essential Cybersecurity Controls, SAMA Cybersecurity Framework, and other applicable standards.
- Conduct regular gap assessments and recommend corrective actions to ensure compliance.
Risk Management
- Perform cybersecurity risk assessments to identify vulnerabilities, threats, and control gaps.
- Maintain and update the organization's risk register and track mitigation actions.
- Collaborate with IT and business teams to implement risk treatment plans effectively.
Audit & Internal Reviews
- Audit the implementation and effectiveness of cybersecurity policies and procedures.
- Conduct internal compliance reviews and report findings to senior management.
- Coordinate with internal and external auditors for cybersecurity audits and follow up on corrective actions.
Awareness & Training
- Develop and deliver cybersecurity awareness programs for all employees.
- Conduct role-based security training for IT and business users.
- Promote a security-conscious culture through workshops, phishing simulations, and e-learning modules.
- Track and report on training participation and compliance rates.
Incident Response & Regulatory Reporting
- Assist in incident response from a compliance and documentation perspective.
- Prepare and submit regulatory compliance reports (e.g., NCA, SAMA).
- Maintain proper documentation for audits and legal requirements.
Desired Candidate Profile
Education:
- Bachelor's degree in Cybersecurity, Information Technology, or a related field.
Certificates:
- CRISC (Certified in Risk and Information Systems Control)
- ISO 27001 Lead Auditor
- Certified Ethical Hacker (CEH)
- CompTIA PenTest+
Experience:
- 2 to 5 years of hands-on experience in cybersecurity governance, compliance, or risk management.
Technical Skills:
- Strong knowledge of cybersecurity governance, risk management, and compliance standards.
- Proficiency in conducting gap analyses, risk assessments, and developing remediation plans.
- Familiarity with third-party risk management and vendor security assessments.
- Strong analytical thinking and ability to recommend practical solutions.
- Excellent reporting and communication skills in English and Arabic.
- Attention to detail and documentation accuracy.
Soft Skills:
- Excellent problem-solving and analytical skills.
- Strong communication and teamwork abilities.
- Ability to work under pressure and meet tight deadlines when needed.
- Commitment to continuously developing both technical know-how and personal skills.
Company Industry
- IT - Software Services
Department / Functional Area
- IT Software
Keywords
- Cybersecurity Specialist (Governance, Risk & Compliance)