Information Security GRC Lead Specialist
1 week ago
Company: Zakat, Tax and Customs Authority
Jobholders at this level may be regarded as a source of expertise and are responsible for developing frameworks, policies, and operational plans. They also analyze complex issues, understand business needs, bring together multiple concepts and translate them into tangible actions and support to enhance performance of the function. They are responsible for developing, maintaining, and publishing up-to-date information security policies, standards, and guidelines and overseeing the approval, training, and dissemination of security policies and practices.
Information Security Governance
- Set information security policies and standards, and develop related processes accordingly, ensuring alignment with cybersecurity regulatory requirements.
- Design information security procedures and frameworks to ensure consistency in the implementation of security controls.
- Develop information security, governance, risk and compliance programs for effective management of IT and security risks meeting compliance requirements.
- Prepare cybersecurity awareness programs and develop an education plan, including workshops, seminars, etc., regarding standards, policies and governance processes, to foster attentiveness and knowledge of cybersecurity topics across ZATCA's employees.
- Conduct cybersecurity risk assessments to identify potential risks and related daily changes, initiating the development of the needed mitigation plan.
- Develop risk mitigation and remediation plans to effectively manage risk in accordance with ZATCA's risk appetite.
- Manage cybersecurity risks and the risk register to identify, log and track potential risks, ensuring compliance with cybersecurity standards and governance policies and procedures.
- Follow up on the implementation of corresponding mitigating controls as per the set plan, ensuring the risk register is updated.
- Conduct risk assessments for the non-conformities identified during security audits and recommend the needed improvement actions for protection and detection capabilities accordingly.
- Perform information security audits, a semiannual assessment against NCA and an annual assessment against ISO 27001, to recognize patterns and cases of non-compliance with cybersecurity policies and recommend areas of improvement accordingly.
- Manage non-compliance cases, improving business processes and operations by supporting external assessments against the NCA framework.
- Develop a periodic report consolidating the status of information security compliance and report it against the regulations (ISO 27001 & NCA).
- Follow all relevant policies, processes and standard operating procedures so that work is carried out in a controlled and consistent manner.
- Help in solving escalated problems and provide needed support for junior team to ensure work is carried out in an efficient manner.
- Escalate complex problems to the relevant person to ensure cases/issues are closed properly.
- Perform other duties as requested.
- Train junior staff on the different job activities to ensure transfer of know-how, when applicable.
- Provide clear direction, prioritize tasks, assign and delegate responsibility, and monitor the workflow of subordinates/junior staff.
- Support junior staff or direct reports in order to execute their duties according to set policies and processes.
- Bachelor's degree in Science in Cybersecurity or equivalent is required.
- Master's degree in Cybersecurity or equivalent is preferred.
- A minimum of 4 years of relevant experience.
Advanced