Senior Cybersecurity GRC Specialist

NEOM Green Hydrogen Company Limited (NGHC)

NEOM Green Hydrogen Company (NGHC) is on a mission to make a carbon-free, climate-safe future a reality. We are building the world's largest plant to produce green ammonia at scale, providing humankind with a cost-efficient solution that will accelerate the worldwide green hydrogen economy. Located in NEOM and supporting Saudi Arabia's Vision 2030, NGHC will be integrating up to 4GW of onshore solar and wind energy to supply up to 650 tons of green ammonia per day for transportation globally. Operations will go onstream in 2026. NGHC brings together the technology, operational efficiency and know-how of ACWA Power, Air Products and NEOM in a joint-venture partnership with over 80 years of combined experience in the fields of hydrogen, energy, renewables and global networks.

JOB DETAILS

Division: Cybersecurity GRC

REPORTS TO: Cybersecurity GRC Manager

POSITION SUMMARY

The Senior Cybersecurity GRC Specialist plays a key role in supporting the implementation of cybersecurity governance, risk, and compliance activities. This includes ensuring alignment with regulatory frameworks, conducting risk assessments, and assisting in policy development and compliance audits.

NATURE & SCOPE

The Senior Cybersecurity GRC Specialist supports the implementation and operation of the organization's cybersecurity governance, risk, and compliance activities. The role focuses on executing risk assessments, maintaining compliance documentation, supporting policy lifecycle management, facilitating audits, and contributing to regulatory readiness. The scope spans collaboration with business units, IT, and vendors to gather evidence, assess risks, and track remediation activities.

PRINCIPAL DUTIES AND RESPONSBILITIES:

Ensure accurate issuance and revocation of access cards for employees, contractors, visitors, and equipment.

Maintain all materials and tools used in the card issuance process and preserve their records.

Support management in the full implementation of entry and exit procedures.

Establish, monitor, and continuously improve ID card and vehicle permit issuance processes.

SKILLS / TECHNICAL KNOWLEDGE AREAS:

• Support the maintenance of cybersecurity policies and procedures in line with national and international standards.
• Conduct and document risk assessments across business and IT assets.
• Perform gap assessments against NCA ECC, ISO 27001, NIST CSF, and other regulatory frameworks.
• Assist in managing and tracking compliance issues and remediation efforts.
• Maintain the risk register and support risk mitigation tracking.
• Prepare audit evidence and support regulatory submissions.
• Assist with third-party/vendor security risk assessments.
• Coordinate with internal teams to gather documentation and evidence for compliance.
• Support awareness campaigns and GRC training programs.
• Prepare reports and dashboards for leadership

MINIMUM YEARS EXCPERIENCE IN SIMILAR JOB ROLE:

3+ years of experience in cybersecurity GRC or IT compliance.

QUALIFICATIONS REQUIRED

• Bachelor's degree in Cybersecurity, Information Security, or related field.
• Industry certifications: ISO 27001 Foundation/Implementer, CRISC, CISA.