Enable job alerts via email!
GRC Specialist (KSA National)
Specialized Technical Services
Saudi Arabia
On-site
SAR 120,000 - 160,000
Full time
Generate a tailored resume in minutes
Land an interview and earn more. Learn more
Job summary
A leading cybersecurity firm in Saudi Arabia is seeking a Cybersecurity Specialist to develop and maintain policies and manage risks. Responsibilities include risk assessments, ensuring compliance with regulations, and engaging with stakeholders on cybersecurity matters. Ideal candidates should have a bachelor's degree in a related field and proven experience in cybersecurity policy development.
Qualifications
- Proven experience in developing and implementing cybersecurity policies and compliance programs.
- Ability to conduct risk assessments and manage cybersecurity incidents.
- Strong understanding of regulatory requirements related to cybersecurity.
Responsibilities
- Develop and update cybersecurity policies and documentation.
- Manage cybersecurity risks and ensure compliance with applicable standards.
- Conduct risk analysis for applications and systems undergoing changes.
Skills
Education
At Zaintech we are proud of our culture and how it drives everything we do. We are looking for individuals who share our values and want to be part of a unique and engaging culture that revolves around collaboration and innovation. If you are looking for a role where you can drive engagement and excellence across teams through commitment and collaboration, and are someone who is customer‑centric and appreciates an organization with uncompromised integrity that focuses on employee engagement then read on to learn more about how you can become part of the Zaintech family.
At Zaintech we strictly adhere to our code of conduct, which is there to serve as a moral compass, offering a framework for responsible behaviours and enabling ethical choices that cultivate positive relationships and a better future. It also outlines policies, standards, and procedures for our global operations, promoting integrity and ethical excellence across the countries we engage with.
Every year, all employees are required to review, comprehend, confirm, and adhere to the code of conduct. Additionally, all newly hired employees are subject to the same as part of their onboarding process.
Develops, updates and maintains cybersecurity policies to support and align with an organization’s cybersecurity requirements. Identifies, assesses and manages an organization’s cybersecurity risks to protect its information and technology assets. Ensures an organization’s cybersecurity program complies with applicable requirements, policies and standards.
- Develop cybersecurity policies and related documentation.
- Establish and maintain appropriate communication channels with stakeholders.
- Review existing proposed policies and related documentation with stakeholders.
- Cooperate with relevant regulatory agencies and other legal entities in any compliance reviews or investigations.
- Develop Cybersecurity Awareness program
- Promote awareness of cyber policy and strategy as appropriate among the organization's management and staff.
- Interpret and apply applicable laws, statutes and regulatory documents to ensure they are reflected in the cybersecurity policies.
- Create and publish the organization's cybersecurity policy
- Monitor how effectively cybersecurity policies, principles and practices are implemented in the delivery of planning and management services.
- Review, conduct, or participate in audits of cyber programs and projects.
- Develop risk mitigation strategies to effectively manage risk in accordance with organizational risk appetite
- Develop specific cybersecurity countermeasures and risk mitigation strategies.
- Ensure that decisions relating to cybersecurity are based on sound risk management principles
- Perform risk analysis whenever an application or system undergoes a major change
- Provide input to the risk management framework and related documentation.
- Ensure cybersecurity risks are identified and managed appropriately through the organization's risk governance process.
- Conduct an initial risk assessment of stakeholder assets and update the risk assessment on an ongoing basis.
- Use continuous monitoring tools to assess risk on an ongoing basis.
- Analyze organization's cybersecurity defense policies and configurations to evaluate compliance with regulations and organizational directives.
- Evaluate cybersecurity aspects of contracts to ensure compliance with financial, contractual, legal and regulatory requirements.
- Recognize patterns of non‑compliance with cybersecurity policies and related documentation to identify ways to improve the documentation.
- Periodically review cybersecurity strategy, policies and related documents to maintain compliance with applicable legislation and regulation.
- Work with stakeholders to resolve cybersecurity incidents and vulnerability compliance issues.
- Develop specifications to ensure that risk, compliance and assurance efforts conform with cybersecurity requirements.
- Monitor and evaluate a system's compliance with cybersecurity, resilience and dependability requirements.
- Provide support to compliance activities as necessary.
- Maintain knowledge of applicable legislation, regulation and accreditation standards and regularly review these to ensure continued organizational compliance
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
