Cybersecurity GRC Specialist

Saudi Accreditation Center is looking for a qualified Cybersecurity GRC(Governance, Risk, and Compliance) Specialist who will be responsible for keeping the organization's data and IT infrastructure secure, designing strategies and defensive solutions to protect against attacks and threats, developing and maintaining cybersecurity policies, standards, procedures, and guidelines, and ensuring the cybersecurity initiatives and projects are compliant with approved local and international requirements and standards.

Main Responsibilities:

1. Develop, implement, and maintain security strategies, policies, procedures, and standards to align with business objectives and regulatory requirements.
2. Identify, evaluate, and mitigate cybersecurity risks and vulnerabilities through regular risk assessments.
3. Manage risk and vulnerability assessments, validation testing, compliance reviews, and audits in accordance with NCA standards.
4. Act as the primary point of contact for external audits and lead internal compliance reviews.
5. Assess and manage security risks associated with third-party vendors.
6. Oversee and verify the operations of the managed cybersecurity services provider.
7. Create training programs and promote a culture of security compliance within the workforce.

Minimum Requirements:

1. Bachelor's degree in Cybersecurity, Computer Science or relevant field.
2. 3+ years of experience as a Cybersecurity GRC Specialist or similar role.
3. Experience in leading project teams, coordinating activities, and assigning tasks to team members, ensuring adherence to project schedules and milestones, and implementing corrective actions to keep projects on track.
4. Experience in analyzing high volumes of logs, network data and other attack artifacts.
5. Experience in implementing and maintaining security controls.
6. Experience in cybersecurity standards audits (e.g. NCA standards).
7. A strong analytical mind with proven problem-solving abilities.
8. Strong organizational, time-management and multi-tasking skills.
9. Advanced certifications in Cybersecurity (e.g. CISA, GIAC, CISSP or CASP) are a plus.

Kind Regards,