Cyber Security GRC Specialist

Cybersecurity GRC Specialist

📍 Saudi Arabia | 🏢 Cyber | 🕒 Full-time

Location:

Jeddah

About Cyber:
At Cyber
, we are committed to strengthening organizational resilience through robust cybersecurity governance, risk management, and regulatory compliance. We operate in alignment with the Kingdom of Saudi Arabia’s regulatory landscape, ensuring adherence to NCA, SAMA, and international best practices.

We are seeking a Cybersecurity GRC Specialist to support and enhance our Governance, Risk, Compliance, and Security Awareness programs. This role plays a critical part in protecting our information assets, cloud environments, and data by ensuring effective governance structures, regulatory compliance, and risk mitigation strategies.

Cybersecurity Governance

• Develop, implement, and maintain cybersecurity governance policies, frameworks, and standards.
• Monitor organizational adherence to established cybersecurity policies and controls.
• Provide periodic governance and risk posture reports to the CISO and executive leadership.
• Maintain cybersecurity documentation aligned with regulatory and industry standards.

Risk Management

• Conduct comprehensive cybersecurity risk assessments across business units and cloud environments.
• Identify, evaluate, and prioritize cybersecurity risks.
• Maintain and continuously update the organizational risk register.
• Drive remediation efforts and ensure timely closure of identified risks and audit findings.

Compliance & Regulatory Alignment

• Ensure compliance with KSA regulatory frameworks (e.g.,
  NCA ECC
  , SAMA CSF
  ) and international standards such as ISO 27001
  .
• Support internal and external audit activities.
• Evaluate the effectiveness of implemented technical and administrative security controls.
• Prepare and submit regulatory compliance reports as required.

Business Continuity & Incident Support

• Assist in the development and maintenance of Business Continuity and Disaster Recovery plans.
• Support Business Impact Analysis (BIA) activities.
• Participate in testing and validation of continuity and recovery procedures.
• Contribute to incident response efforts to ensure minimal operational disruption.

Security Awareness

• Support and promote cybersecurity awareness initiatives across the organization.
• Assist in managing awareness tools and programs.
• Foster a strong cybersecurity culture and ensure employee understanding of risks and responsibilities.

• Bachelor’s degree in Cybersecurity, Information Security, Computer Science, or related field.
• 2–4 years of experience in Cybersecurity GRC or related roles.
• Strong understanding of governance frameworks, risk management methodologies, and compliance practices.
• Knowledge of KSA regulatory requirements (NCA, SAMA) and ISO 27001 standards.
• Hands‑on experience with GRC tools is preferred.

• ISO 27001 Lead Implementer
• CompTIA Security+
• Other relevant GRC certifications are a plus