Maintain Cybersecurity Governance: Refresh and align cybersecurity governance with regulatory requirements and best practices.
Ensure Cybersecurity Risk Management: Identify and assess cybersecurity risks to improve security posture and reduce impact.
Uphold Cybersecurity Compliance: Assure cybersecurity compliance requirements are audited and remediated accordingly.
Improve Cybersecurity GRC Operations: Enhance various GRC assessments and activities to be more agile in a fast-paced enterprise environment.
Cybersecurity Compliance Tasks
- Perform assessments based on NCA regulations (such as ECC and OSMACC) and client standards.
- Track findings, communicate with internal stakeholders, and validate evidence.
- Support internal audit activities.
- Support external audit activities (ISO 27001).
- Prepare weekly and monthly status reports for compliance status.
Cybersecurity Risk Management Tasks
- Perform risk assessments for new solutions, third parties, and major technology changes.
- Maintain the risk register, follow up on mitigation plans with stakeholders, and validate evidence.
- Represent cybersecurity in IT demand management and change management processes.
- Participate in and develop root cause analysis and corrective actions for cybersecurity incidents.
- Prepare weekly and monthly risk management status reports.
Cybersecurity Governance Tasks
- Review and update cybersecurity documentation such as standards, policies, and other governance framework documents.
- Develop new standards, processes, and procedures.
- Monitor cybersecurity practices and operational KPIs.
- Create a governance review plan.
Requirements
Minimum 5 years of experience in GRC.
The candidate should be familiar with the following frameworks:
- NCA – ECC: National Cybersecurity Authority – Essential Cybersecurity Controls (ECC–1:2018)
- NCA – CCC: National Cybersecurity Authority – Cloud Cybersecurity Controls (CCC–1:2020)
- NCA – TCC: National Cybersecurity Authority – Telework Cybersecurity Controls (TCC–1:2021)
- NCA – OSMACC: National Cybersecurity Authority – Organization’s Social Media Accounts Cybersecurity Controls (OSMACC–1:2021)
- NCA – DCC: National Cybersecurity Authority – Data Cybersecurity Controls (DCC–1:2022)
- NDMO: National Data Management Office Regulations and Standards
- ISO 27001:2022: Standard for Information Security Management Systems (ISMS)