Assistant Manager Cyber security

Location: Dammam

Job title: Assistant Manager – Cyber Security Governance, Risk & Compliance (GRC)

Department: Cyber Security

The Assistant Manager – Cybersecurity GRC supports the execution of cybersecurity governance, risk, and compliance activities across the organization. The role focuses on operationalizing GRC programs, conducting risk and compliance activities, coordinating audits, and ensuring controls are effectively implemented and tracked under the guidance of the GRC Manager.

• Support the implementation and maintenance of Cybersecurity GRC programs, policies, standards, and procedures.
• Conduct and coordinate cybersecurity risk assessments, control assessments, and compliance reviews.
• Establish and oversee the Cybersecurity Risk Management Program, including risk identification, assessment, treatment, acceptance, and reporting.
• Monitor compliance with internal policies, regulatory frameworks, and contractual cybersecurity requirements.
• Support internal and external cybersecurity audits, including evidence collection, coordination, and tracking of findings.
• Perform third-party cyber risk assessments and follow up on remediation actions.
• Track and report Corrective and Preventive Actions (CAPA) and ensure closure within agreed timelines.
• Collaborate with IT, OT, and business units to support risk mitigation and compliance implementation.
• Prepare periodic reports, dashboards, and metrics on cybersecurity risk and compliance status.
• Maintain cybersecurity awareness initiatives and training activities.
• Assist in documenting incidents, findings and lessons learned to drive continuous improvement.
• Collaborate closely with Cybersecurity Operations and Technology and IT teams to support risk mitigation activities, control implementation, and validation of cybersecurity controls, as required.
• Perform cybersecurity-related tasks and assignments, as required to support departmental objectives and regulatory expectations.
• Support cross‑functional cybersecurity initiatives by contributing input to operational, architectural, or defensive activities when needed.

• Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field.
• 4–6 years of experience in cybersecurity risk, governance, or compliance functions.
• Working knowledge of cybersecurity frameworks (e.g., NCA ECC, ISO 27001, NIST).
• Experience supporting audits, risk assessments, and compliance tracking.
• Familiarity with GRC tools and risk management methodologies.
• Certifications such as CRISC, CISA, ISO 27001 LI/LA are a plus.

• Strong analytical and documentation skills
• Attention to detail and control effectiveness
• Collaboration and coordination
• Clear written and verbal communication
• Continuous improvement mindset