Security Consulting Team Lead

Title: Cybersecurity Strategy and GRC SME

Location: Riyadh, Saudi Arabia

About Accenture

Accenture is a global professional services company with leading capabilities in digital, cloud and security. Combining unmatched experience and specialized skills across more than 40 industries, we offer Strategy and Consulting, Song, Technology and Operations services — all powered by the world’s largest network of Advanced Technology and Intelligent Operations centers. Our 738,000 people deliver on the promise of technology and human ingenuity every day, serving clients in more than 120 countries. We embrace the power of change to create value and shared success for our clients, people, shareholders, partners and communities. Visit us at www.accenture.com.

About Accenture Security

Join Accenture Security to pioneer security solutions that blend risk strategy, digital identity, cyber defense, application security and managed services. Using the coolest next-gen tech, you’ll have every chance to stay one step ahead of cybercrime and out-hack the hackers.    

Accenture Security provides comprehensive security services – from security strategy development, to business transformation, to managed security services – on demand and at a global scale to help mitigate risks and take full advantage of advanced technologies and proven risk management models. Our experienced team of global security professionals helps businesses understand their risks and build resilience from the inside out, giving them the confidence to focus on what matters most: innovation and business growth. 

Responsible for managing cybersecurity GRC and third-party security risks at the CLIENT with focusing on Cyber Risk management.

Roles & Responsibilities:

Develop the cybersecurity policies and procedures aligned with best practices and NCA

Assess patterns of non-compliance with CLIENT’s cybersecurity policies and procedures to ensure improvements.

Establish cybersecurity compliance processes and audits for services provided by third parties.

Develop a risk management strategy for THE CLIENT.

Design, implement and maintain a risk management program.

Ensure the effectiveness of the security mechanism for the protection of THE CLIENT data, systems and networks.

Oversee and assess THE CLIENT systems’ compliance with cybersecurity, resilience and dependability requirements.

Identify the roles and responsibilities for execution of the Risk Management Framework.

Update the risk register based on the risk assessment.

Determine and record the supply chain risks for key systems.

Develop and calculate KPIs to monitor the performance of the cybersecurity function.

Evaluate products that are implemented in RAC to manage cybersecurity risks to ensure that they are authorized for use.

Ensure the organization's cybersecurity requirements are considered when collaborating with third parties.

Perform risk assessment when new applications / systems are introduced or when there are changes / upgrades to an application or system.

Perform a cybersecurity risk assessment of THE CLIENT systems and information.

Conduct cybersecurity risk assessment across the organization.

Develop and monitor the implementation of the risk treatment plan.

Develop and calculate KRIs to monitor the risks.

Develop cybersecurity risk detection, prevention and mitigation plans according to THE CLIENT’s risk appetite.

Educate interested third parties about cybersecurity threats and mitigation methods.

Develop and perform third party cybersecurity compliance processes and audits.

Ensure third parties’ compliance with privacy and data security requirements.

Communicate cybersecurity risks, posture, and event / incident management reports to the stakeholders.

Knowledge:

NIST CSF Framework.

The principles of cybersecurity and privacy.

Cybersecurity risk management processes and methods.

Cybersecurity in supply chain risk management.

Data classification standards and methodologies.

Operational impact on an organization due to cybersecurity breaches.

Relevant cybersecurity, ethics and privacy laws, regulations, and standards.

Qualifications:

Bachelor’s degree in computer science, information systems, or related field.

6 - 8 years of experience in information security and risk management.

Experience working with common information security standards, such as: ISO 27001/27002, ISO27005, ISO31000 NIST, etc.

CISSP, CISM, CISA, CRISC, CGEIT, PMI-RMP, or equal certifications.

Why join us?

We offer a transparent, fast paced approach career progression, with a focus on your strengths and continuous coaching from senior colleagues

You will benefit from working alongside Accenture experts who are solving some of the biggest industry challenges with innovative thinking and pioneering tools

Flexible work arrangements and a range of benefits including competitive rewards

You will have access to state-of-the-art technology that will give you the opportunity to deepen your existing skills even as you help create the latest business trends

You will also have opportunities to make a difference to the communities in which we work and live

Next Steps

If this sounds like the ideal role, career and company for you, click below to apply. To learn more about life @AccentureMiddleEast, follow us on social media and keep up with our latest news.

Accenture Middle East: LinkedIn, Instagram, Facebook, Twitter, YouTube