Senior Consultant/Manager | Cybersecurity - GRC | Saudi Nationals
Job in Riyadh, Riyadh Region, Saudi Arabia
Listed on 2026-03-01
Listing for: SupportFinity™
Full Time position
Job specializations:
- IT/Tech: Cybersecurity, Information Security, IT Consultant, Data Security
Job Description & How to Apply Below
Senior Consultant/Manager | Cybersecurity - GRC | Saudi Nationals Only | Riyadh
Deloitte | Posted Feb 24, 2026
Full-time
Riyadh Region
Negotiable
Advanced (5-10 yrs)
Senior Consultant/Manager | Cyber | Foundry GRC | Riyadh
During your tenure as SC/M you will demonstrate and develop your capabilities in the following areas:
- Lead and manage cybersecurity and data privacy controls assessments on third parties and vendors in line with industry, regional and international best standards and regulations e.g., NIST CSF, ISO 27001, UAE-NESA, Information Security Regulation (ISR), GDPR and UAE PDPL.
- Coordinate scheduling, evidence collection and responses with third party point of contact.
- Collect and review control evidence and analyze third party information and data.
- Review independent assurance reports and certifications (e.g., SOC 1 & 2, ISO 27001).
- Support contract reviews and negotiations over cybersecurity requirements and clauses by working closely with procurement and legal teams.
- Provide guidance and support team in performing risk assessments to evaluate inherent and residual cybersecurity risks. Analyze the likelihood and potential impact of identified risks using qualitative and quantitative methods.
- Determine adequate treatment plans for identified risks and control gaps, detailing findings, recommendations and mitigation strategies.
- Develop action plans and timelines for implementing risk controls and track remediation plans to reduce identified risks and close control gaps.
- Collaborate with stakeholders and relevant business departments to implement risk mitigation plans and actions.
- Manage the maintenance and monitor a third party cybersecurity risk register for the whole organization.
- Monitor and support in remediation activities and work with the third party to ensure findings are being remediated appropriately. Ensure all third party cybersecurity risk management processes and SOPs are being adopted.
- Ensure all technology integrations for the cybersecurity third party program are working effectively and technical issues are identified and resolved with respective technical teams.
- Track key performance and risk indicators (KPIs, KRIs) to measure program performance and risk reduction over time.
- Manage risk assessment tools and GRC solutions to support third party cybersecurity controls and risk assessments, as well as calculate risk levels and prioritize areas of concern.
- Administer and maintain technology platform and solutions utilized to perform third party cybersecurity and data privacy assessments.
- Prepare and maintain documentation, including policies, procedures, standards, and guidelines that support the third party cyber risk management framework.
- Lead the development of third party cybersecurity risk reports and dashboards using tools such as Power BI.
- Communicate and present findings to stakeholders, management, and regulatory bodies as required.
- Liaise with key departments (e.g., Procurement, Legal, HR, operations) to address specific cybersecurity third party risk matters.
- Conduct root cause analysis for identified cybersecurity incidents relating to third parties and work with threat and incident response teams to evaluate risks and prevent future occurrences.
- Develop and deliver training materials to educate employees and business stakeholders on identifying and managing third party risks.
- Research and integrate best practices for risk management within the industry and implement them in day-to-day operations to ensure continuous improvement.
- Bachelor's in computer science, information security or related field / Master's in computer science, information security or related field.
- A minimum of 5+ years of experience.
- Strong technical knowledge of cybersecurity domains (Governance, Compliance, Risk Management, Identity and Access Management, Data Security, Cryptography, Network Security, Cloud Security, Endpoint Security, Business Continuity Management, Operational Technology, Data Lifecycle Management, etc.).
- Strong technical knowledge of third party cybersecurity risk management frameworks, IT governance frameworks, regulatory requirements, and best practices.
- Strong technical experience conducting and managing third party cybersecurity assessments.
- Hands‑on experience with security frameworks such as ISO 27001, PCI, NCA, SAMA CSF, NIST, etc.
- Knowledge of relevant laws and regulations such as NESA ISR, UAE PDPL, GDPR, HIPAA, SOX, etc.
Position Requirements
10+ Years work experience