Senior Cybersecurity GRC Specialist

We are looking for a highly skilled and motivated Cybersecurity GRC Specialist to join our Governance, Risk, and Compliance (GRC) team. This role is crucial in aligning our cybersecurity practices with Saudi regulatory frameworks and international standards. The ideal candidate will have hands-on experience in risk assessments, compliance expertise, and a thorough understanding of cloud environments and the associated risks.

About the company: The company is a rapidly growing technology firm headquartered in Riyadh, Saudi Arabia, focused on revolutionizing Artificial Intelligence and Data Science. The company aims to support the Vision 2030 initiative and has a proven track record in assisting government organizations, corporations, and startups in the GCC region. The company is excited about scaling its operations to provide AI-powered products and solutions that benefit digital humanity.

Key Responsibilities:

• Conduct comprehensive cybersecurity risk assessments across business units and IT systems.
• Ensure compliance with Saudi regulatory frameworks including NCA ECC, SAMA CSF, and PDPL.
• Support audits and assessments related to regulatory and international standards.
• Develop, review, and update cybersecurity policies, procedures, and control mappings.
• Collaborate with internal stakeholders to ensure effective implementation and monitoring of security controls.
• Assist in implementing data privacy controls and breach notification procedures in line with PDPL and GDPR.
• Track and manage risk treatment plans, exceptions, and compliance gaps using GRC platforms.
• Evaluate and monitor security controls in cloud environments to ensure compliance and risk mitigation.
• Stay informed on AI technologies and assess their impact on cybersecurity posture, including risks related to data leakage, model integrity, and regulatory compliance.

Qualifications:

• Bachelor’s degree in Information Security, Computer Science, or a related field.
• 3–5 years of experience in cybersecurity risk management, compliance, or audit.
• Strong knowledge of NCA ECC, SAMA CSF, PDPL, ISO/IEC 27001, ISO/IEC 27017, ISO/IEC 27018, and GDPR.
• Relevant certifications such as ISO 27001 Lead Auditor, CISA, CISM, CIPM, or CRISC are preferred.
• Proficiency in English is required for documentation, communication, and collaboration.
• Understanding of cloud environments and related security and compliance considerations is essential.
• Awareness of AI technologies and their associated risks.

Preferred Attributes:

• Strong analytical and problem-solving skills.
• Excellent communication and documentation abilities.
• Ability to work independently and collaboratively in a fast-paced environment.

Benefits:

• Competitive compensation and top-tier health insurance.
• A dynamic workplace culture with significant responsibility and trust.
• Opportunity to work alongside leading minds in AI and contribute to impactful projects.

Location: Riyadh, Saudi Arabia Job Type: On-site, Full-time

Note: This position is open to Saudi nationals only in accordance with the Saudization (Nitaqat) initiative.