Enable job alerts via email!
Specialist II, IT Security GRC Job
Tasnee
Riyadh
On-site
SAR 200,000 - 300,000
Full time
Generate a tailored resume in minutes
Land an interview and earn more. Learn more
Job summary
Tasnee offers an exciting opportunity for the position of Specialist II, IT Security GRC, located in Riyadh. The role involves leading the development of information security management policies and ensuring compliance with ISO27001 and local regulations. Candidates are expected to have substantial experience in IT security management, and strong communication skills are essential.
Qualifications
- Experience: +4 years
- Certified Information Security Manager – CISM / Certified Information Security
- Good knowledge of information security management policies & procedures and ISO27001
Responsibilities
- Lead and manage the development and maintenance of information security management policies and procedures.
- Develop and maintain a risk register and risk management framework.
- Perform internal audits for information security and service management systems.
Skills
Education
Job description
An exciting opportunity is available for Specialist II, IT Security GRC, located in Riyadh.
Report to:Section Head, Security Assurance & Aware
Job Summary:
The position helps Tasnee implement, facilitate, and maintain ISO27001 and local cybersecurity regulations and KSA NCA requirements. Compliance with the standard by developing or maintaining an information security management system (ISMS). This covers information security (IS) objectives, IS risk management and development of ISMS roles & responsibilities, controlling documentation, controlling records, ISMS performance evaluation, IS internal & external audits, IS management review, and the continual improvement of ISMS.
Role responsibilities:
- Lead and manage the development and maintenance of information security management policies and procedures.
- Drive information security upgrade and continuous improvement projects.
- Develop and maintain a risk register and risk management framework.
- Perform internal audits for information security and service management systems.
- Lead and manage the development of service continuity plans and their related policies and procedures.
- Work as a process manager for one or more SMS and ISMS processes
- Host, coordinate and facilitate IT-related external and third-party audits.
- Control ISMS documentation and records.
- Lead or coordinate corrective and preventive actions post to major incidents, audit findings, or any other means.
- Produce and maintain ISO27001 required documents and records
- Conduct and manage IT Disaster Recovery Exercise.
Qualifications and Requirements:
- Bachelor’s degree in Computer Science or Information System.
- Experience: +4 years
- Certified Information Security Manager – CISM / Certified Information Security
- Good knowledge of information security management policies & procedures and ISO27001
- Fair knowledge of COBIT and ISO20000 is a plus
- Hands-on experience in implementing and maintaining an information security management system
- Negotiation / Communication Skills
- Planning and Organizing
- English Fluency (written & spoken)
'/%3e%3cpath%20d='M101.744%2012.4726L102.894%2016.1947L99.0021%2013.2201L101.744%2012.4726ZM105.3%208.40937H100.488L99.0026%203.59473L97.5116%208.41047L92.7%208.40385L96.5965%2011.3834L95.1055%2016.1942L99.0021%2013.2196L101.408%2011.3834L105.3%208.40992V8.40937Z'%20fill='white'/%3e%3cdefs%3e%3clinearGradient%20id='paint0_linear_5593_1381'%20x1='90'%20y1='9.44471'%20x2='99'%20y2='9.44471'%20gradientUnits='userSpaceOnUse'%3e%3cstop%20stop-color='%2300AD70'/%3e%3cstop%20offset='0.998594'%20stop-color='%2300B67A'/%3e%3cstop%20offset='1'%20stop-color='%23DCDCE6'/%3e%3c/linearGradient%3e%3c/defs%3e%3c/svg%3e){kind=small}
job faster
Follow us
