The Cybersecurity GRC Specialist shall have cybersecurity expertise and work closely with the CS GRC Senior Manager to assist with cybersecurity risk assessments, compliance, and governance activities, ensuring that policies, procedures, processes, frameworks, and guidelines are developed and reviewed in compliance with cybersecurity laws, regulations, and mandates. The specialist will also work across teams to design, implement, and test security processes and controls to ensure compliance with ROSHN’s security program and to meet regulatory requirements.
Responsibilities
- Assist in developing and reviewing cybersecurity policies, procedures, processes, frameworks, and guidelines.
- Support the execution of information security compliance and maturity assessments, leveraging international standards and industry best practices.
- Identify, analyze, and evaluate information security processes and controls (e.g., access management, incident management, business continuity).
- Assess compliance with national cybersecurity laws, regulations, and mandates (e.g., NCA).
- Perform cybersecurity risk analysis based on recognized frameworks (e.g., NIST, ISO/IEC 31000, ISO/IEC 27005).
- Monitor and report on ROSHN’s compliance with national cybersecurity requirements.
- Develop and recommend cybersecurity countermeasures and risk mitigation strategies.
- Collaborate with stakeholders to implement and maintain an effective cybersecurity risk management program.
- Collect, analyze, and present data to support risk management reporting and visualization, ensuring clear communication to target audiences.
- Recommend, implement, and manage risk management and compliance tools to strengthen governance capabilities.
Required Skills
- 3+ years of experience in Cybersecurity.
- Strong technical background and knowledge in IT Security, Information Security, and Risk Management.
- Familiarity with information security policies, standards, and regulatory/framework compliance requirements.
- Understanding of national and international cybersecurity and risk management standards and best practices (e.g., NCA, NDMO, ISO/IEC 27001/27002, ISO/IEC 27005, NIST Cybersecurity Framework).
- Awareness of the regional regulatory environment and experience in compliance assessments.
- Professional certifications (e.g., CompTIA Security+, GISF) preferred.