
Cybersecurity GRC Specialist

Talent 360 · Riyadh, KSA · 1 month ago · Entry · Full-time

Skills

Arabic, AWS, Azure

About This Role

About SiFi

SiFi is a fast-growing B2B FinTech company specializing in spend management and card issuance solutions.

We help companies take control of their spending, streamline expense workflows, and operate with greater efficiency.

Role Overview

The Cybersecurity GRC Specialist plays a critical role in maintaining SiFi’s cybersecurity compliance posture and ensuring audit readiness across all regulatory frameworks.

This role is responsible for managing the full Governance, Risk, and Compliance (GRC) lifecycle — including evidence management, policy governance, risk tracking, and KPI/KRI reporting — ensuring that all cybersecurity controls are measurable, defensible, and aligned with regulatory expectations.

1. Regulatory Compliance & Audit Readiness

  • Maintain and manage the compliance tracker across SAMA CSF, PDPL/NDMO, and PCI-DSS
  • Own the full evidence lifecycle: collection, validation, and documentation
  • Ensure continuous audit readiness with traceable, control-aligned evidence
  • Track regulatory findings and remediation plans, ensuring timely closure
  • Provide regular compliance status reports to the CISO and relevant committees

2. Governance & Policy Management

  • Develop and maintain cybersecurity policies, standards, and procedures
  • Ensure documentation aligns with SiFi governance structure and regulatory expectations
  • Manage document lifecycle (versioning, approvals, reviews)
  • Map all policies and procedures to SAMA CSF controls

3. Cyber Risk Management

  • Maintain and update the cybersecurity risk register
  • Conduct third-party risk assessments (TPRA) and vendor due diligence
  • Support risk reviews and reporting cycles
  • Collaborate with Risk and Compliance teams to align enterprise risk frameworks

4. KPI / KRI Monitoring & Reporting

  • Collect and validate cybersecurity KPIs/KRIs from relevant stakeholders
  • Maintain a centralized KPI/KRI tracker
  • Prepare periodic reports with trend analysis to support regulatory maturity (Level 3+)
  • Identify and escalate performance gaps

Requirements

  • Minimum 2 years in a dedicated Cybersecurity GRC role
  • Hands-on experience with SAMA CSF compliance within regulated entities
  • Experience in audit evidence preparation and regulatory assessments
  • Strong background in drafting cybersecurity policies and procedures
  • Experience using GRC platforms (e.g., Archer, ServiceNow GRC, OneTrust, etc.)
  • Bachelor’s degree in Cybersecurity, Information Security, Computer Science, or related field
  • Certifications in ISO 27001 Lead Implementer / Lead Auditor, Security+, (ISC)² CC, CGRC or CISA or CRISC
  • Speaks English and Arabic

Preferred Qualifications

  • Experience with PDPL and NDMO regulations
  • PCI-DSS compliance exposure
  • Knowledge of cloud security (AWS, Azure, GCP, OCI)
  • Experience in fintech or financial services
  • Familiarity with frameworks like ISO 27001, NIST, COBIT


