The role is responsible for overseeing the organization's information security program, focusing on governance, risk management, compliance, security awareness, and policy management. He/she will ensure the company adheres to relevant regulatory, legal, and industry frameworks. He/she will work independently to assess compliance risks, prepare for audits, and collaborate cross-functionally to support a strong and sustainable compliance posture.
Ready to apply for roles like this?
Unlock the company name and direct application link. Subscribers get instant access to fresh jobs across Dubai, Abu Dhabi and Riyadh, many with visa support.
Unlock employer & apply directly
Responsibilities
- Develop, implement, and manage the organization’s GRC framework aligned with regulatory requirements and industry best practices.
- Lead internal and external information security audits; coordinate with stakeholders to ensure timely and effective remediation of findings.
- Oversee enterprise risk management practices, including risk identification, assessment, and mitigation related to information security.
- Manage the development and maintenance of security policies, standards, and procedures.
- Serve as the primary point of contact for security compliance matters, including regulatory audits and third-party assessments.
- Collaborate with Legal, IT, Internal Audit, and Business Units to ensure consistent compliance and risk management practices.
- Monitor changes in laws, regulations, and industry standards to assess impact and ensure ongoing compliance.
- Promote a culture of security and compliance awareness through training and stakeholder engagement.
- Enforce, incorporate, and comply with all necessary controls and related information security policies, procedures, practices, training, reporting, personal due diligence, and vigilance within departmental/unit activities and operations.
Requirements
- Have a tertiary level qualification from an internationally recognized institution in Information Technology or Computer Science.
- Security certifications such as CISA, CRISC, COBIT, IIA, or equivalent preferred.
- Recommended to have 5 to 7 years of experience demonstrated in Data Analytics, Data Operations, or related experience.
- Advanced experience in information security, including GRC-related roles.
- Excellent communication and interpersonal skills for collaborating with various stakeholders.
- Advanced proficiency in conducting risk assessments, analyzing security controls, and policy management.
Location
Riyadh, Saudi Arabia
