GRC & Cloud Security Analyst

A career in our Cyber technology services will allow you to work under the supervision of cybersecurity leadership within the Cyber business unit consulting practice. You will use strategic business consulting skills to assist clients through all stages of strategy-based transformation projects, providing support on client assignments that help to develop strategies and implement them to refocus organizations. We are looking for dynamic, flexible, proactive, and hardworking consultants with a passion for shaping cybersecurity positively in the GCC.

As a Senior Associate, you'll work with a team to solve complex business issues from strategy to execution. Your responsibilities will include:

• Supporting the design and development of cybersecurity programs across various domains, including strategy development, governance, and risk management.
• Assisting in the development and implementation of compliance frameworks aligned with standards such as NIST CSF, ISO 27001, CIS Controls, and local GCC regulatory requirements.
• Conducting cybersecurity risk assessments and gap analyses to benchmark client capabilities against industry standards.
• Developing and refining cybersecurity policies, procedures, and guidelines that align with business objectives and compliance mandates.
• Supporting audit readiness and certification efforts for frameworks such as ISO 27001.
• Designing cybersecurity strategies and roadmaps that balance risk management with business enablement.
• Working with cross-functional teams on governance structures and performance indicators.
• Executing cybersecurity awareness and culture programs.
• Assisting in the design of technical security architectures and the implementation of cybersecurity solutions at client premises.
• Communicating effectively with diverse stakeholders and supporting business development activities.
• Conducting research on emerging cybersecurity technologies and developing new service offerings.

Skills and Competencies:

• Strong understanding of emerging cybersecurity technologies and standards.
• Experience in cybersecurity strategy, governance, risk management, and compliance.
• Familiarity with GCC regulatory frameworks and international leading practices.
• Special experience in identity and access management, SIEM/SOC, and security architecture is a plus.
• Excellent organizational and problem-solving skills, with the ability to prioritize workload and manage pressure.
• Strong relational skills and connections with clients in Saudi Arabia and the UAE are advantageous.
• Proven IT skills in Microsoft Office and G-suite applications.

Language Skills:
Excellent communication skills (verbal and written) in English; knowledge of Arabic is a plus.

Travel Requirements:
The ability and willingness to travel within the Middle East is a MUST.

Educational Qualifications:

• B.A/ B.Sc. in Computer Engineering or a related field.
• M.Sc. in Computer Engineering or a related field is preferred.
• Candidates are expected to hold or be actively pursuing relevant globally recognized certifications in Cybersecurity, Digital Trust, and Project Management.