The Cybersecurity GRC Specialist will support the Senior Manager of Cybersecurity GRC by providing expertise in risk management, compliance, and governance. This role is responsible for assisting in the execution of cybersecurity risk assessments and ensuring that policies, procedures, frameworks, and guidelines are developed, reviewed, and aligned with applicable laws, regulations, and mandates. The CSGRC Specialist will also collaborate across teams to design, implement, and test security processes and controls, ensuring adherence to ROSHN’s cybersecurity program and fulfillment of regulatory requirements.
Ready to apply for roles like this?
Unlock the company name and direct application link. Subscribers get instant access to fresh jobs across Dubai, Abu Dhabi and Riyadh, many with visa support.
Unlock employer & apply directly
Responsibilities
- Assist in developing and reviewing cybersecurity policies, procedures, processes, frameworks, and guidelines.
- Support the execution of information security compliance and maturity assessments, leveraging international standards and industry best practices.
- Identify, analyze, and evaluate information security processes and controls (e.g., access management, incident management, business continuity).
- Assess compliance with national cybersecurity laws, regulations, and mandates (e.g., NCA).
- Perform cybersecurity risk analysis based on recognized frameworks (e.g., NIST, ISO/IEC 31000, ISO/IEC 27005).
- Monitor and report on ROSHN’s compliance with national cybersecurity requirements.
- Develop and recommend cybersecurity countermeasures and risk mitigation strategies.
- Collaborate with stakeholders to implement and maintain an effective cybersecurity risk management program.
- Collect, analyze, and present data to support risk management reporting and visualization, ensuring clear communication to target audiences.
- Recommend, implement, and manage risk management and compliance tools to strengthen governance capabilities.
Required Skills
- 3+ years of experience in Cybersecurity.
- Strong technical background and knowledge in IT Security, Information Security, and Risk Management.
- Familiarity with information security policies, standards, and regulatory/framework compliance requirements.
- Understanding of national and international cybersecurity and risk management standards and best practices (e.g., NCA, NDMO, ISO/IEC 27001/27002, ISO/IEC 27005, NIST Cybersecurity Framework).
- Awareness of the regional regulatory environment and experience in compliance assessments.
- Professional certifications (e.g., CompTIA Security+, GISF) preferred.
Qualifications
- 3+ years of experience in Cybersecurity.
- Strong technical background and knowledge in IT Security, Information Security, and Risk Management.
- Familiarity with information security policies, standards, and regulatory/framework compliance requirements.
- Understanding of national and international cybersecurity and risk management standards and best practices (e.g., NCA, NDMO, ISO/IEC 27001/27002, ISO/IEC 27005, NIST Cybersecurity Framework).
- Awareness of the regional regulatory environment and experience in compliance assessments.
- Professional certifications (e.g., CompTIA Security+, GISF) preferred.
