Information Security Risk Officer

As an Information Security Risk Officer, you will support the day-to-day activities of our Security Governance team, contributing to cybersecurity risk assessments and regulatory compliance monitoring. You will develop hands-on familiarity with regulatory frameworks, including the SAMA Cybersecurity Framework and NCA Essential Cybersecurity Controls (ECC), and enhance your understanding of how cybersecurity risk is managed within a financial institution.

Core Responsibilities:

• Support cybersecurity compliance self-assessments by collecting and organizing evidence across control domains.
• Research regulatory requirements, cybersecurity standards, and emerging risk topics to inform governance activities.
• Assist in analyzing cybersecurity risk data and documenting findings in risk registers and assessment reports.
• Help evaluate the implementation of technical controls across technical environments.
• Contribute to the tracking of identified risks, vulnerabilities, and mitigation actions.
• Assist in preparing governance documentation, reports, and compliance records.
• Support the team in monitoring adherence to internal policies and regulatory frameworks.

What We’re Looking For:

• Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field.
• Basic understanding of cybersecurity concepts, including network, endpoint, and application security.
• Awareness of cybersecurity risk management principles and security control frameworks.
• Familiarity with SAMA and NCA regulatory requirements is an advantage.
• Strong research, analytical, and documentation skills.
• Excellent written and verbal communication in Arabic and English, with the ability to present findings clearly and concisely.
• Eagerness to learn, high attention to detail, and a risk-based mindset.
• Around 2 years of experience, with a preferred 1 year in a relevant role.