Senior Cybersecurity Governance, Risk Management, and Compliance Engineer
Inovasys
Date: 5 hours ago
City: Riyadh
Contract type: Contractor
Job Description
Lead the development and implementation of a Cybersecurity Governance, Risk, and Compliance (GRC) strategy within the organization.
Oversee all cybersecurity governance, risk management, and compliance activities, ensuring alignment with the organization's cybersecurity objectives and regulatory standards.
Review, develop, and document policies, procedures, standards, and processes required by the organization and regulatory authorities.
Develop and implement a cybersecurity and data awareness program to ensure employees are informed about relevant security practices.
Develop and update the governance and operational model to ensure clarity in roles and responsibilities.
Conduct comprehensive cyber risk assessments and audits to identify vulnerabilities and ensure compliance with Saudi and international cybersecurity standards, such as NCA, ISO 27001, and PDPL.
Develop and implement strategies to mitigate identified risks and address compliance gaps.
Monitor and ensure compliance with relevant Saudi cybersecurity regulations and international standards.
Track regulatory changes and adapt strategies and policies accordingly.
Collaborate with IT and security teams to integrate cybersecurity measures across the organization.
Facilitate cross-departmental coordination to ensure the effective implementation of all aspects of the cybersecurity framework.
Establish and enhance cybersecurity frameworks and methodologies to strengthen governance, risk management, and compliance activities.
Develop customized tools and templates for routine and strategic cybersecurity governance, risk management, and compliance activities.
Qualifications And Requirements
Education & Certification:
Bachelor’s or master’s degree in Cybersecurity, Information Security, Computer Science, Risk Management, or a related field.
Professional certifications as ISO 27001 Lead Implementer, ISO 27001 Lead Auditor, CISSP, CISM, or CRISC
Experience
04 - 06 years of experience in cybersecurity, risk management, governance, or compliance roles.
Saudi nationality is a must.
Hands-on experience in policy development, risk assessments, and compliance monitoring.
Familiarity with cybersecurity frameworks and standards, such as ISO 27001, NCA, PDPL, NIST, and SAMA regulations.
Experience in conducting security risk assessments and supporting cybersecurity audits.
Exposure to regulatory compliance tracking and assisting in policy updates.
Experience in managing and operating cybersecurity awareness and training programs.
Technical Skills
Basic understanding of cybersecurity risk management methodologies.
Strong documentation and report-writing skills.
Ability to collaborate with cross-functional teams to ensure compliance with security policies.
Strong communication and problem-solving skills.
Fluency in Arabic and English preferred.
Lead the development and implementation of a Cybersecurity Governance, Risk, and Compliance (GRC) strategy within the organization.
Oversee all cybersecurity governance, risk management, and compliance activities, ensuring alignment with the organization's cybersecurity objectives and regulatory standards.
Review, develop, and document policies, procedures, standards, and processes required by the organization and regulatory authorities.
Develop and implement a cybersecurity and data awareness program to ensure employees are informed about relevant security practices.
Develop and update the governance and operational model to ensure clarity in roles and responsibilities.
Conduct comprehensive cyber risk assessments and audits to identify vulnerabilities and ensure compliance with Saudi and international cybersecurity standards, such as NCA, ISO 27001, and PDPL.
Develop and implement strategies to mitigate identified risks and address compliance gaps.
Monitor and ensure compliance with relevant Saudi cybersecurity regulations and international standards.
Track regulatory changes and adapt strategies and policies accordingly.
Collaborate with IT and security teams to integrate cybersecurity measures across the organization.
Facilitate cross-departmental coordination to ensure the effective implementation of all aspects of the cybersecurity framework.
Establish and enhance cybersecurity frameworks and methodologies to strengthen governance, risk management, and compliance activities.
Develop customized tools and templates for routine and strategic cybersecurity governance, risk management, and compliance activities.
Qualifications And Requirements
Education & Certification:
Bachelor’s or master’s degree in Cybersecurity, Information Security, Computer Science, Risk Management, or a related field.
Professional certifications as ISO 27001 Lead Implementer, ISO 27001 Lead Auditor, CISSP, CISM, or CRISC
Experience
04 - 06 years of experience in cybersecurity, risk management, governance, or compliance roles.
Saudi nationality is a must.
Hands-on experience in policy development, risk assessments, and compliance monitoring.
Familiarity with cybersecurity frameworks and standards, such as ISO 27001, NCA, PDPL, NIST, and SAMA regulations.
Experience in conducting security risk assessments and supporting cybersecurity audits.
Exposure to regulatory compliance tracking and assisting in policy updates.
Experience in managing and operating cybersecurity awareness and training programs.
Technical Skills
Basic understanding of cybersecurity risk management methodologies.
Strong documentation and report-writing skills.
Ability to collaborate with cross-functional teams to ensure compliance with security policies.
Strong communication and problem-solving skills.
Fluency in Arabic and English preferred.
How to apply
To apply for this job you need to authorize on our website. If you don't have an account yet, please register.
Post a resumeSimilar jobs
Senior Sales Manager - B2B Exhibition Sales
Tahaluf,
Riyadh
6 hours ago
Company DescriptionTahaluf is rewriting the events playbook. Its purpose is transformational, its DNA digital, and its ambition unprecedented. Tahaluf is scaling to further increase its lead as the largest B2B Live and On Demand Events organiser in Saudi Arabia: by SQM, Attendance, Colleagues and Revenue. To scale at this pace requires impeccable local partners, and Tahaluf is proud to enjoy...
Process Excellence Executive
Qureos,
Riyadh
8 hours ago
Responsibilities Analyse existing business processes to identify bottlenecks, inefficiencies, and areas for improvement. Develop and implement process improvement initiatives using methodologies such as Lean, Six Sigma, and other relevant frameworks. Document process flows, procedures, and work instructions to ensure clarity and consistency. Collaborate with cross-functional teams to gather requirements, gain buy-in, and implement process changes effectively. Train and coach employees...
IT Support Administrator (Saudi National)
HungerStation | هنقرستيشن,
Riyadh
10 hours ago
About The OpportunityAssist in maintaining and managing IT infrastructure, including servers, networks, and storage.Monitor system performance and troubleshoot issues to ensure high levels of availability and security.Perform routine system maintenance tasks, such as software updates, patches, and backups.Provide first-level technical support to internal teams, diagnosing and resolving hardware, software, and network-related issues.Assist in deploying and configuring new systems and hardware...
