Cyber Security Governance & Compliance lead

geidea

Saudi Arabia

On-site

SAR 150,000 - 200,000

Full time

Today

Job summary

A leading digital payment solutions provider in Saudi Arabia seeks a Cyber Security Governance & Compliance lead. The role involves implementing security management systems, coordinating compliance activities, and conducting training. The ideal candidate will have 3-5 years of experience, a relevant degree, and specific certifications in information security. This is a chance to join an innovative team focused on driving security standards forward.

Qualifications

  • 3-5 years of experience in cyber security governance.
  • Experience in information security and application security controls.
  • Knowledge of PCI-DSS, SAMA Cyber Security Framework.

Responsibilities

  • Assist in implementation of an Information Security Management System.
  • Conduct organization-wide information security awareness training.
  • Assist and coordinate with various teams for PCI DSS compliance.

Skills

ISO 27001 LA/LI
CISA/CRISC/CISSP
PCIP
CompTIA Security+
Firewall certifications
OWASP methodologies

Education

Bachelor's degree in computer engineering, computer science, Information Technology

Job description

Established in 2008, Geidea epitomises customer focused empowerment and commercial success through continuous innovation

Geidea makes best in class digital payment solutions available for all by attracting and leveraging the best creative & entrepreneurial talent in the market

Our solutions give any business the chance to get ahead and reach for more no matter their size or maturity.

Our technology mirrors our people - Smart, Innovative & Forward Thinking

www.geidea.net

To maintain competitive advantage as we grow, we are currently looking for a new Cyber Security Governance & Compliance lead.

Job purpose

Assist in the implementation of governance, risk, and compliance programs and guidelines, drafting policies and procedures, and reporting, to ensure smooth implementation of cybersecurity activities across all regions in Geidea.

Key accountabilities and decision ownership
  • Assist in implementation of an Information Security Management System in compliance with SAMA CSF, PCI-DSS and ISO 27001 across the organization.
  • Assist in implementation of PCI DSS compliance.
  • Assist in drafting, maintaining, and enforcing policies, procedures, and controls in accordance with PCI DSS.
  • Coordinate and formulate detailed reports of ISMS internal reviews and periodic PCI DSS reviews.
  • Execute periodic activities as required for achieving compliance of PCI DSS/ISO 27001.
  • Coordinate and assist various teams in closure of findings from the ISMS internal review report and of PCI DSS gaps.
  • Assist and coordinate with various teams in annual external audits of PCI DSS.
  • Assist and support in achieving PCI DSS compliance for upcoming projects and various teams in IT.
  • Conduct organization-wide information security awareness training.
  • Assist in security incident response and RCA activities.
  • Implement a cybersecurity program in compliance with CBE Cyber Security Framework, PCI-DSS and ISO 27001 across the organization.
  • Conduct a cyber security risk assessment.
  • Represent the cyber security function in the change management process.
  • Maintain an updated risk register.
  • Report on the progress and engagement of the cyber security GRC on a weekly basis.
  • Conduct cyber security third-party risk assessment.
  • Engage in the early stages of business projects to recommend cyber security controls.

Must have technical / professional qualifications
  • 3-5 years of experience
  • Bachelor's degree in computer engineering, computer science, Information Technology or any related field.
  • Certifications:
    • ISO 27001 LA/LI
    • PCIP
    • CISA/CRISC/CISSP
    • CEH
    • ITIL Foundation
    • CompTIA Security+
    • Firewall certifications
  • Experience in information security and application security controls.
  • Exposure to methodologies such as OWASP is preferred.
  • Sound experience in PCI-DSS, SAMA Cyber Security Framework, and NCA.
  • Knowledge and understanding of information security risk assessment frameworks such as SAMA, OCTAVE, COBIT, ISO 27005, NIST 800-30 and CBE.
  • Ability to perform internal information security reviews and meet with external audits.
  • Sound understanding and knowledge of firewall rules, security architecture, infrastructure, and application hardening.
  • Sound experience in implementing ISMS, performing internal reviews, and drafting and enforcing policies in accordance with SAMA Cyber Security Framework, ISO 27001, PCI-DSS, CBE Cyber Security Framework or national regulators.
  • Exposure to the financial sector is preferred.

Our values guide how we think and act - They describe what we care about the most

Customer first - It's embedded in our design thinking and customer service approach

Open - Openness allows us to constantly improve and evolve

Real - No jargon and no excuses!

Bold - Constantly challenging ourselves and our way of thinking

Resilient - If we fail, we bounce back stronger than before

Collaborative - We know that we can achieve a lot more as a team

We are changing lives by constantly striving for a better solution

Click apply below and become part of the Geidea story