Search by job, company or skills

N

Info Sec GRC Lead

Nextera Communications
Saudi Arabia, Riyadh
8-10 Years
Save
new job description bg glownew job description bg glownew job description bg svg
  • Posted 16 hours ago
  • Be among the first 10 applicants
Early Applicant

Job Description

NextEra is seeking an experienced InfoSec GRC Lead to join our Cybersecurity function in Riyadh. Reporting directly to the CISO, you will drive our governance, risk, and compliance (GRC) agenda, ensuring alignment with regulatory frameworks such as NCA ECC, ISO 27001, SOC 2, and PDPL. You will play a key role in building a strong cybersecurity culture, partnering with internal stakeholders and regulators to ensure compliance, mitigate risks, and establish effective governance processes across all cybersecurity domains.

Key Responsibilities

Governance

  • Develop, implement, and maintain cybersecurity governance policies and frameworks in line with NCA and international standards.
  • Establish reporting mechanisms and KPIs to track compliance and maturity.
  • Advise management on governance and compliance issues.

Risk Management

  • Lead the identification, assessment, and mitigation of cybersecurity risks across business units.
  • Maintain and update the risk register, ensuring continuous monitoring and reporting.
  • Support vendor risk management and third-party assessments.

Compliance

  • Ensure adherence to regulatory and contractual obligations (NCA ECC, SCyWF, ISO 27001, SOC 2, PDPL, GDPR where applicable).
  • Lead internal audits, readiness assessments, and support external audits.
  • Develop corrective action plans and track remediation progress.

Collaboration & Awareness

  • Partner with Legal, HR, IT, and other units to align governance and compliance efforts.
  • Support the development of cybersecurity awareness and training programs.
  • Represent NextEra in discussions with regulators and external stakeholders.

Qualifications & Experience

Experience:

  • 8+ years in cybersecurity governance, risk, and compliance.
  • Minimum 3 years in regulated industries (banking, energy, telecom, tech, or government).
  • Proven track record in implementing compliance programs aligned with NCA, ISO, or equivalent frameworks.
  • Education:
  • Bachelor's degree in information security, Computer Science, or related field (minimum).
  • Master's degree or professional certifications (CISM, CRISC, ISO 27001 Lead Implementer/Auditor) preferred.
  • Requirements:
  • Strong knowledge of international and national regulatory requirements (NCA ECC, GDPR, PDPL, etc.).
  • Hands-on experience with risk management frameworks and tools.
  • Excellent communication and influencing skills, especially with senior leadership.
  • Strong project management and organizational skills.
  • Must be based in the Kingdom of Saudi Arabia (KSA).

More Info

Job Type:
Permanent Job
Industry:
Other
Function:
Cybersecurity
Employment Type:
Full time

Job ID: 146034653

Jobs by Skill - IT
Jobs by Skill - Non IT
International Jobs
Last Updated: 18-04-2026 11:22:38 PM
Homejobs in Saudi ArabiaInfo Sec GRC Lead

Similar Jobs

Enterprise Data Architect

frameworks and methodologies businesses (fmb)

Risk Manager

Abunayyan Holding

Cyber Security Supervisor

Seder Group

SAP Ariba Upstream Lead

Heptarc Technology Solutions Private Limited

SAP Hybris (Commerce Cloud) Lead Developer

Pradeepit Consulting Services
P