Cybersecurity GRC Consultant
Riyadh - Saudi Arabia
Job Summary
The Cybersecurity GRC Consultant supports the design implementation and continuous improvement of cybersecurity governance risk and compliance initiatives. The role contributes to the development of governance frameworks policies operating models and regulatory compliance activities while ensuring alignment with organizational objectives and Saudi cybersecurity regulations. The consultant works closely with senior consultants architects and client stakeholders to deliver high-quality governance artifacts and advisory services.
Qualifications :
Key Responsibilities
- Support the development implementation and maintenance of the cybersecurity governance framework including policies standards procedures and guidelines.
- Assist in designing and improving cybersecurity governance operating models organizational structures and RACI matrices.
- Contribute to the development and maintenance of governance-related KPIs KRIs dashboards and reporting mechanisms.
- Perform governance maturity assessments gap analyses and benchmarking activities against industry best practices.
- Prepare governance documentation reports presentations and recommendations for client review.
- Ensure governance deliverables align with Saudi regulatory requirements including NCA ECC CST (formerly CITC) SAMA Cybersecurity Framework and relevant international standards such as ISO/IEC 27001 and NIST Cybersecurity Framework.
- Support governance committees working groups and client workshops by preparing documentation facilitating discussions and tracking action items.
- Collaborate with Risk Management Compliance Third-Party Risk Management (TPRM) Enterprise Architecture and Security Operations teams to ensure governance activities are integrated across cybersecurity domains.
- Assist in the review and quality assurance of governance documentation and project deliverables.
- Monitor regulatory updates and industry trends to recommend improvements to governance practices.
- Provide advisory support to clients on cybersecurity governance best practices and regulatory compliance requirements.
- Contribute to knowledge sharing documentation and continuous improvement initiatives within the Cybersecurity GRC practice.
Qualifications
- Bachelors degree in Cybersecurity Information Security Information Technology Computer Science or a related discipline.
- 37 years of experience in Cybersecurity Governance Risk & Compliance (GRC) Information Security or Cybersecurity Consulting.
- Experience in developing governance documentation policies standards and cybersecurity frameworks.
- Familiarity with cybersecurity governance operating models and organizational structures.
- Experience supporting governance assessments compliance initiatives and regulatory audits.
- Knowledge of Saudi cybersecurity regulations and international security standards.
- Experience working within consulting managed services or large enterprise environments is preferred.
Ytterligere informasjon :
Business Unit: Strategy & Transformation
Level: Mid Level
Remote Work :
No
Employment Type :
Full-time
About Company
Devoteam is a AI-driven tech consulting firm specialised in cloud platforms, cyber, data, and sustainability. Tech native for almost 30 years, Devoteam guides businesses through sustainable digital transformation to deliver value. With over 11,000 tech architects in more than 25 co ... View more