We are seeking a highly skilled Saudi National GRC Consultant to support the Governance, Risk & Compliance (GRC) initiatives for one of our key clients in Riyadh. The selected candidate will play a critical role in strengthening the organization’s ISO 27001:2022 Information Security Management System (ISMS), ensuring ongoing compliance, maintaining documentation, and supporting audit readiness.
Ready to apply for roles like this?
Unlock the company name and direct application link. Subscribers get instant access to fresh jobs across Dubai, Abu Dhabi and Riyadh, many with visa support.
Unlock employer & apply directly
Location: Riyadh, Saudi Arabia
Work Conditions: On-site, Full-time
Key Responsibilities:
-
ISO 27001 Governance & Compliance
- Develop, review, and update ISMS policies, procedures, standards, and governance documentation.
- Ensure alignment of all documentation and processes with ISO 27001:2022 controls and best practices.
- Drive continuous improvement across ISMS implementations.
-
Risk Management
- Conduct and support periodic risk assessments, update risk registers, and maintain security-related documentation.
- Manage ISMS records, logs, and evidence repositories to support control validation.
-
Audit Preparedness
- Lead and support the organization in internal and external ISO 27001 audits.
- Coordinate with internal teams, external auditors, and stakeholders to provide required evidence and responses.
- Ensure full compliance with ISO control requirements.
-
Reporting & Governance
- Prepare professional governance materials including reports, dashboards, audit summaries, board-level presentations, and compliance tracking sheets.
- Provide continuous visibility to leadership on ISMS performance and risks.
-
Technical Advisory
- Provide technical input and guidance on firewall and network security solutions, WAF, load balancers, SIEM technologies, Windows Server & Linux environments, and cloud environments (Azure/AWS/GCP).
- Basic scripting languages (Python, PHP, JavaScript) are a plus.
- Collaborate with technical teams to validate controls, review configurations, and ensure security compliance.
Candidate Requirements:
-
Experience: Minimum 8+ years of experience in Cybersecurity, GRC, and ISMS implementations. Demonstrated expertise in implementing, managing, and maintaining ISO 27001 frameworks. Strong background in security documentation, governance activities, and audit support.
-
Technical Competencies:
- Solid understanding of firewalls, WAF, SIEM platforms, and network security components.
- Hands-on experience with Windows & Linux server environments.
- Knowledge of cloud security principles across major cloud providers (Azure/AWS/GCP).
- Basic programming/scripting skills (Python, PHP, JavaScript).
Language Requirements: Fluent in English (additional languages may be beneficial but are not specified).
