Associate Principal Job
Elm Company
Date: 8 hours ago
City: Riyadh
Contract type: Full time
ROLE PURPOSE
The aim is to state the overall significance of the job from the organization’s perspective.
Perform and support risk-based information security audits covering cybersecurity, access controls, data privacy, and protection of sensitive data; contribute to providing independent assurance and advisory services to enhance governance, control effectiveness, and overall security posture.
Key Accountabilities & Activities
This section describes the principal outputs required from the job.
Key Accountabilities
Key Activities
The aim is to state the overall significance of the job from the organization’s perspective.
Perform and support risk-based information security audits covering cybersecurity, access controls, data privacy, and protection of sensitive data; contribute to providing independent assurance and advisory services to enhance governance, control effectiveness, and overall security posture.
Key Accountabilities & Activities
This section describes the principal outputs required from the job.
Key Accountabilities
Key Activities
- Risk-Based Planning & Prioritization
- Define and execute the Information Security audit plan covering cybersecurity, access controls, and protection of sensitive data.
- Evaluate and prioritize security-related risks and determine high-priority audit engagements for execution.
- Security Assurance & Advisory
- Provide assurance and consultancy on information security governance, policies, procedures, and regulatory compliance.
- Recommend improvements to information security controls to address vulnerabilities and strengthen defense mechanisms.
- Provide reasonable assurance for compliance with applicable security standards to ensure data confidentiality, integrity, and availability.
- Threat-Led Testing & Technical Assessments
- Conduct or oversee compromise assessment and penetration testing activities to evaluate the effectiveness of existing security defenses, detect potential breaches, and validate remediation efforts.
- Conduct formal audits and gap assessments against national, regional, and industry security standards.
- Privacy, Data Governance & AI Ethics
- Audit data privacy, governance, and protection mechanisms to ensure adherence to applicable laws and internal policies.
- Evaluate the AI lifecycle from data acquisition to deployment to ensure fairness, transparency, and compliance with ethical and regulatory requirements.
- Assess controls that influence user trust, service reliability, and the organization’s overall security posture.
- Follow-Up & Performance Metrics
- Monitor implementation of information security-related corrective actions to ensure timely and effective resolution.
- Develop and review periodic information security audit metrics to monitor performance, risk coverage, and control effectiveness.
- Special Assignments & Reporting
- Perform special security-related audit assignments based on management requests.
- Issue concise reports with risk-ranked findings, root causes, and actionable recommendations; brief management/committee.
- Policies, Processes & Procedures
- Follow all relevant departmental policies, processes, standard operating procedures and instructions so that work is carried out in a controlled and consistent manner.
- Comply with all relevant safety, quality and environmental management policies, procedures and controls to ensure a healthy and safe work environment.
- Information Security
- Ensure the implementation of various information Security practices and standards to ensure compliance with relevant policies and the protection of ELM data and information.
How to apply
To apply for this job you need to authorize on our website. If you don't have an account yet, please register.
Post a resumeSimilar jobs
Project Controls Manager (M2)
Mace,
Riyadh
4 hours ago
Mace combines construction expertise with consultancy to unlock potential in every person or project and redefine the boundaries of ambition. Our values shape the way we consult and define the people we want to join us on our journey.The ProjectThis is an opportunity to be involved in the delivery of major sports stadiums and associated projects in Saudi Arabia. Mace...
Senior Director - Head of Visa Direct KBO
Visa Saudi Arabia LLC,
Riyadh
8 hours ago
About Us
Visa is a world leader in payments technology, facilitating transactions between consumers, merchants, financial institutions and government entities across more than 200 countries and territories, dedicated to uplifting everyone, everywhere by being the best way to pay and be paid.
At Visa, you'll have the opportunity to create impact at scale — tackling meaningful challenges, growing your skills...
Development Manager - Urban Core
Qiddiya Investment Company,
Riyadh
11 hours ago
Qiddiya Investment Company is seeking a skilled Development Manager – Urban Core to lead the planning and execution of our high-impact urban development projects. This role focuses on creating dynamic, sustainable urban environments that integrate residential, commercial, and recreational spaces to enhance the community experience. As a key member of our development team, you will drive the delivery of urban...
