GRC Specialist

We are seeking an experienced GRC Specialist to support the implementation, documentation, and enhancement of our Information Security Management System (ISMS) in alignment with ISO 27001 standards. The ideal candidate will have a strong technical background in cybersecurity, governance, and risk management, with a proven ability to ensure compliance across complex IT environments.

Location: Riyadh, Saudi Arabia (On-site)

Work Conditions: Contract; Available within 2 weeks for a 6-month engagement

Key Responsibilities:

• Develop, update, and maintain ISO-related policies and procedures concerning governance, risk management, and cybersecurity compliance.
• Conduct risk assessments, document findings, and maintain detailed ISO-related records and evidence.
• Support internal and external audit preparation to ensure alignment with ISO 27001 requirements.
• Prepare reports, presentations, and governance board materials for ongoing cybersecurity and compliance initiatives.
• Provide technical expertise and guidance related to cybersecurity controls, compliance measures, and continuous improvement of ISMS.
• Collaborate with cross-functional teams to implement and monitor ISO 27001 controls, ensuring effective risk mitigation and adherence to regulatory standards.

Candidate Requirements:

• 5–8 years of hands-on experience in cybersecurity projects, specifically involving the implementation and documentation of ISO 27001 Information Security Management Systems.
• Strong technical foundation across:
  • Firewall, WAF, SIEM, Load Balancing
  • Windows Server, Linux, and Cloud Environments
  • Scripting or development experience in Python, PHP, or JavaScript.
• Excellent understanding of risk management frameworks, governance models, and audit procedures.
• Arabic-speaking and available for on-site work in Riyadh.