Information Security GRC Lead Specialist

4 weeks ago


Riyadh, Ar Riyāḑ, Saudi Arabia هيئة الزكاة والضريبة والجمارك Full time

Company: Zakat, Tax and Customs Authority

Jobholders at this level may be regarded as a source of expertise and are responsible for developing frameworks, policies, and operational plans. They also analyze complex issues, understand business needs, bring together multiple concepts and translate them into tangible actions and support to enhance performance of the function. They are responsible for developing, maintaining, and publishing up-to-date information security policies, standards, and guidelines and overseeing the approval, training, and dissemination of security policies and practices.

Information Security Governance
  1. Set information security policies and standards, and develop the related processes accordingly, ensuring alignment with cybersecurity regulatory requirements.
  2. Design information security procedures and frameworks to ensure consistency in the implementation of security controls.
  3. Develop information security, governance, risk and compliance programs for effective management of IT and security risks, meeting compliance requirements.
  4. Prepare cybersecurity awareness programs and develop an education plan, including workshops, seminars, etc., regarding standards, policies and governance processes to foster attentiveness and knowledge in cybersecurity topics across ZATCA's employees.
  5. Conduct cybersecurity risk assessments to identify potential risks and related daily changes, initiating the development of the needed mitigation plan.
  6. Develop risk mitigation and remediation plans to effectively manage risk in accordance with ZATCA's risk appetite.
  7. Manage cybersecurity risks and the risk register to identify, log and track potential risks, ensuring compliance with cybersecurity standards and governance policies and procedures.
  8. Follow up on the implementation of the corresponding mitigating controls as per the set plan, ensuring the risk register is updated.
  9. Conduct risk assessments for the non-conformities identified during security audits and recommend the needed improvement actions for protection and detection capabilities accordingly.
Information Security Compliance
  1. Perform information security audits, with a semiannual assessment against NCA and an annual assessment against ISO 27001, to recognize patterns and cases of non-compliance with cybersecurity policies and recommend areas of improvement accordingly.
  2. Manage non-compliance cases, improving business processes and operations by supporting external assessments against the NCA framework.
  3. Develop a periodic report consolidating the status of information security compliance and report it in relation to the regulations (ISO 27001 & NCA).
Organization and Operations
  1. Follow all relevant policies, processes and standard operating procedures so that work is carried out in a controlled and consistent manner.
  2. Help in solving escalated problems and provide needed support for junior team to ensure work is carried out in an efficient manner.
  3. Escalate complex problems to the relevant person to ensure cases/issues are closed properly.
  4. Perform other duties as requested.
People Management
  1. Train junior staff on the different job activities to ensure transfer of know-how, when applicable.
  2. Provide clear direction, prioritize tasks, assign and delegate responsibility, and monitor the workflow of subordinates/junior staff.
  3. Support junior staff or direct reports in order to execute their duties according to set policies and processes.
Minimum Qualifications
  1. Bachelor's degree in Science in Cybersecurity or equivalent is required.
  2. Master's degree in Cybersecurity or equivalent is preferred.
  3. A minimum of 4 years of relevant experience.
Cybersecurity Incident and Investigation

Advanced
