About the Job:
As a Cybersecurity Compliance Advisor SMP, your primary responsibility will be ensuring compliance with national regulatory requirements and international best practices in cybersecurity. You will conduct various compliance assessments, manage cybersecurity compliance posture, and interact with stakeholders across NEOM to uphold the required standards.
Key Responsibilities:
- Identify relevant regulatory requirements and standards applicable to entities and services.
- Map applicable standards and controls to unify compliance efforts.
- Conduct cybersecurity compliance assessments for multiple NCA regulations and industry standards, including:
- NCA Essential Cybersecurity Controls (ECC)
- NCA Critical Systems Cybersecurity Controls (CSCC)
- NCA Cloud Cybersecurity Controls (CCC)
- NCA Telework Cybersecurity Controls (TCC)
- NCA Operational Technology Cybersecurity Controls (OTCC)
- NCA Organizations’ Social Media Accounts Cybersecurity Control (OSMACC)
- NCA Data Cybersecurity Controls (DCC)
- ISO/IEC 27001:2022
- NDMO Regulations
- NIST CSF2.0
- Develop and maintain a compliance register integrated with the risk register where applicable.
- Manage the certification program of ISMS, prepare for annual ISO surveillance audits, and develop policies and procedures aligned with ISMS requirements.
- Review and audit vendor-related documents and security certifications for compliance.
- Identify and manage non-compliance issues with relevant stakeholders.
- Monitor compliance continuously and develop management dashboards and reports.
- Report on KPIs and KRIs related to compliance.
Qualifications and Experience:
- Years of Experience: 8+ years in cybersecurity compliance and regulatory compliance.
- Knowledge & Skills:
- Experience in compliance assessments and managing non-compliance.
- Familiarity with national and international regulatory standards (NCA, ISO 27000, NIST).
- Strong analytical and numerical skills.
- Excellent written and oral communication skills.
- Certifications: ISO 27001, CISA, CISM, CRISC, SANS (or equivalent).
This position requires a strategic mindset to ensure compliance while managing cybersecurity threats and vulnerabilities. Candidates should demonstrate an ability to work effectively with various stakeholders and implement best practices in cybersecurity compliance.
