Job Title: Information Security Risk Officer
Division: Cybersecurity
Location: Riyadh
Working Hours: 8:00 AM to 5:00 PM (Sunday to Thursday)
About the Role
As an Information Security Risk Officer, you will support the day-to-day activities of our Security Governance team - contributing to cybersecurity risk assessments, and regulatory compliance monitoring. You will develop hands-on familiarity with regulatory frameworks including the SAMA Cybersecurity Framework and NCA Essential Cybersecurity Controls (ECC), and grow your understanding of how cybersecurity risk is managed within a financial institution.
Core responsibilities:
- Support cybersecurity compliance self-assessments by collecting and organizing evidence across control domains
- Research regulatory requirements, cybersecurity standards, and emerging risk topics to inform governance activities
- Assist in analyzing cybersecurity risk data and documenting findings in risk registers and assessment reports
- Help evaluate the implementation of technical controls across technical environments
- Contribute to the tracking of identified risks, vulnerabilities, and mitigation actions
- Assist in preparing governance documentation, reports, and compliance records
- Support the team in monitoring adherence to internal policies and regulatory frameworks.
What We're Looking For
- Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field
- Basic understanding of cybersecurity concepts - including network, endpoint, and application security
- Awareness of cybersecurity risk management principles and security control frameworks
- Familiarity with SAMA and NCA regulatory requirements is an advantage
- Strong research, analytical, and documentation skills
- Excellent written and verbal communication in Arabic and English - ability to present findings clearly and concisely
- Eagerness to learn, high attention to detail, and a risk-based mindset
- Around 2 years of experience with preferred 1 years in a relevant role.
