Senior Cybersecurity GRC Specialist

Overview

What You'Ll Do

• Conduct comprehensive cybersecurity risk assessments across business units and IT systems.
• Ensure compliance with Saudi regulatory frameworks including NCA ECC, SAMA CSF, and PDPL.
• Support audits and assessments related to regulatory and international standards.
• Develop, review, and update cybersecurity policies, procedures, and control mappings.
• Collaborate with internal stakeholders to ensure effective implementation and monitoring of security controls.
• Assist in implementing data privacy controls and breach notification procedures in line with PDPL and GDPR.
• Track and manage risk treatment plans, exceptions, and compliance gaps using GRC platforms.
• Evaluate and monitor security controls in cloud environments to ensure compliance and risk mitigation.
• Stay informed on AI technologies and assess their impact on cybersecurity posture, including risks related to data leakage, model integrity, and regulatory compliance.

Qualifications

• Bachelor s degree in Information Security, Computer Science, or a related field.
• 3 5 years of experience in cybersecurity risk management, compliance, or audit.
• Strong knowledge of NCA ECC, SAMA CSF, PDPL, ISO/IEC 27001, ISO/IEC 27017, ISO/IEC 27018, and GDPR.
• Relevant certifications such as ISO 27001 Lead Auditor, CISA, CISM, CIPM, or CRISC are preferred.
• Proficiency in English is required for documentation, communication, and collaboration across teams.
• Understanding of cloud environments and related security and compliance considerations is essential.
• Awareness of AI technologies and their associated risks