Specialist II, IT Security GRC Job

Tasnee

Riyadh Region

On-site

SAR 200,000 - 300,000

Full time

17 days ago

Job summary

A leading company in KSA is seeking a Specialist II in IT Security GRC, based in Riyadh. The role focuses on implementing and maintaining information security management systems to comply with ISO27001 and local regulations, leading projects for continuous improvement, and conducting audits. Ideal candidates should hold a Bachelor's degree in Computer Science or a related field, possess CISM certification, and have over four years of relevant experience.

Qualifications

  • Certified Information Security Manager – CISM or equivalent certification.
  • Good knowledge of information security management policies & procedures and ISO27001.
  • Hands-on experience in implementing and maintaining an information security management system.

Responsibilities

  • Lead and manage the development of information security management policies.
  • Develop and maintain a risk register and risk management framework.
  • Perform internal audits for information security.

Skills

Negotiation Skills
Communication Skills
Planning and Organizing

Education

Bachelor’s degree in Computer Science or Information System

Job description

Work Location: KSA > Riyadh

An exciting opportunity is available for Specialist II, IT Security GRC, located in Riyadh.

Report to: Section Head, Security Assurance & Aware

Job Summary:

The position helps Tasnee implement, facilitate, and maintain ISO27001, local cybersecurity regulations, and KSA NCA requirements, achieving compliance with the standard by developing or maintaining an information security management system (ISMS). This covers information security (IS) objectives, IS risk management and development of ISMS roles & responsibilities, controlling documentation, controlling records, ISMS performance evaluation, IS internal & external audits, IS management review, and the continual improvement of the ISMS.

Role responsibilities:

  • Lead and manage the development and maintenance of information security management policies and procedures.
  • Drive information security upgrade and continuous improvement projects.
  • Develop and maintain a risk register and risk management framework.
  • Perform internal audits for information security and service management systems.
  • Lead and manage the development of service continuity plans and their related policies and procedures.
  • Work as a process manager for one or more SMS and ISMS processes.
  • Host, coordinate and facilitate IT-related external and third-party audits.
  • Control ISMS documentation and records.
  • Lead or coordinate corrective and preventive actions arising from major incidents, audit findings, or any other means.
  • Produce and maintain ISO27001 required documents and records.
  • Conduct and manage IT Disaster Recovery Exercise.

Qualifications and Requirements:

  • Bachelor’s degree in Computer Science or Information System.
  • Experience: 4+ years
  • Certified Information Security Manager – CISM / Certified Information Security
  • Good knowledge of information security management policies & procedures and ISO27001
  • Fair knowledge of COBIT and ISO20000 is a plus
  • Hands-on experience in implementing and maintaining an information security management system
  • Negotiation / Communication Skills
  • Planning and Organizing