Cybersecurity GRC Consultant

3 weeks ago


Riyadh, Ar Riyāḑ, Saudi Arabia Managed Services Company Full time

Cybersecurity GRC Consultant – Riyadh, Saudi Arabia

Location: Riyadh, KSA

Experience Required: Minimum 2 years in Cybersecurity Governance, Risk, and Compliance

Employment Type: Full-time

Job Summary:

We are seeking a motivated and skilled Cybersecurity GRC Consultant to join our cybersecurity company in Riyadh. The successful candidate shall support KSA organizations in enhancing their cybersecurity posture by aligning with national regulations (NCA, PDPL, CST, SAMA, Aramco, Sabic… frameworks), international standards (ISO 27001, 27701, 22301, NIST), and industry best practices. The consultant will assess, implement, and improve governance, risk management, and compliance programs across various sectors.

Key Responsibilities:

  • Assist in the implementation and maintenance of cybersecurity governance programs in line with the NCA ECC, PDPL, CST CRF, SAMA CSF, ISO 27001, NIST CSF, NCA Cloud Cybersecurity Controls, and NCA OT Controls.
  • Conduct Cybersecurity Risk Assessments, Maturity Assessments, Business Impact Analysis (BIA), and Control Gap Assessments.
  • Develop and review cybersecurity policies, procedures, and frameworks in compliance with NCA and global standards.
  • Support audit and regulatory compliance activities, including evidence collection and compliance readiness.
  • Provide recommendations to enhance cybersecurity maturity and address regulatory gaps.
  • Maintain an understanding of emerging cyber threats, regulatory changes, and technology trends affecting cybersecurity governance.
  • Prepare detailed reports and deliver presentations to stakeholders and clients.
  • Support clients during compliance audits and assessments (e.g., NCA audit, ISO certification, PCI DSS review).
  • Coordinate with technical and business units to ensure integration of GRC activities into the business strategy.

Required Knowledge Areas:

  • NCA Cybersecurity Controls & Frameworks (ECC, CCC, OTCC)
  • Cybersecurity Governance models and organizational cybersecurity strategy development
  • Enterprise Risk Management (ERM) and Cyber Risk Management methodologies (e.g., Octave Allegro, ISO 31000, FAIR)
  • Regulatory requirements and standards: SAMA CSF, PDPL, ISO 27001, NIST CSF, PCI DSS, etc.
  • Cybersecurity policy and procedure development
  • Incident response governance and oversight
  • Compliance reporting, internal control, and assurance

Required Skills:

  • Strong analytical, conflict resolution and problem-solving skills
  • Risk identification and prioritization
  • Policy writing and process design
  • Excellent written and verbal communication skills in both Arabic and English
  • Presentation and stakeholder engagement skills
  • Ability to work independently and as part of a team
  • Proficiency with GRC tools or platforms (e.g., RSA Archer, ServiceNow GRC, OneTrust) is a plus

Qualifications:

  • Bachelor's degree in Cybersecurity, Information Security, Computer Science, Information Systems, or a related field. A Master's degree is a plus.
  • Minimum 2 years of experience in Cybersecurity Governance, Risk, and Compliance
  • One or more of the following certifications (preferred):
    • CRISC (Certified in Risk and Information Systems Control)
    • CISA (Certified Information Systems Auditor)
    • CISM (Certified Information Security Manager)
    • GRCP (GRC Professional)
  • Familiarity with national regulations including the NCA ECC Framework, SAMA CSF, PDPL, CST CRF, etc.

Seniority level

Entry level

Employment type

Full-time

Job function

Information Technology

Industries

Computer and Network Security
