Sign in as

Choose your account type

Client
Languages

Choose your preferred language

EnglishFrançaisNederlandsالعربية
Gentis
Gentis

Gentis

https://www.gentis.com/en

Security Solution Analyst - GRC Cybersecurity

Permanent
On-site
Al Khobar, Saudi Arabia
Copied to clipboard

About us

Welcome to Gentis, the driving force behind tomorrow's STEM careers! We are more than just a recruitment agency, we are a team of industry-leading recruiters who are passionate about helping candidates reach their full potential.

Our mission is to create a more sustainable future by connecting the best talent with the most exciting opportunities. Our global reach, from Europe to North America, Africa, and the Middle East, puts us at the forefront of placing candidates in strategic technical roles, both temporary and permanent.

Are you looking to make a positive impact on the world? Do you want a rewarding career that challenges you and allows you to grow? If so, you've come to the right place. At Gentis, we transform careers into legends. Are you ready to start your next professional adventure?

About the job

A leading organization in Saudi Arabia is seeking a Cybersecurity Compliance Officer to join their GRC team. The role focuses on developing and maintaining security governance frameworks, policies, and procedures to ensure alignment with regulatory requirements. The candidate will drive compliance with national cybersecurity regulations, data protection laws, and international security standards.


Key responsibilities include monitoring regulatory compliance, conducting internal security assessments, managing GRC technology platforms, and coordinating external audit engagements. The position requires regular reporting to GRC leadership and supporting organizational certification initiatives.


The ideal candidate will have experience in implementing and maintaining comprehensive security compliance programs while ensuring adherence to industry and regulatory requirements.


Detailed Responsibilities:

  • Develop and maintain comprehensive cybersecurity governance frameworks, policies, and procedures ensuring alignment with regulatory requirements, including NCA controls.
  • Drive compliance with key security standards and regulations including PDPL, ISO 27001, and other applicable frameworks. Monitor and implement emerging requirements.
  • Perform technical security reviews of system configurations, network architecture, and control implementations to validate compliance and security best practices.
  • Lead internal security assessments and compliance reviews to identify and remediate control gaps.
  • Implement and administer GRC automation platforms to enhance compliance monitoring efficiency and reporting capabilities.
  • Design and oversee control attestation procedures, working with control owners to validate and document control effectiveness.
  • Develop and execute third-party security assessment program to evaluate and monitor vendor security practices.
  • Generate regular security status reports for GRC management. Effectively communicate security risks, issues and recommendations to key stakeholders.
  • Manage external audit engagements and certification processes to ensure successful outcomes and continued compliance.

Key Competencies:

  • Information Security Governance: Advanced knowledge of security frameworks, policies, and strategic integration of security with business operations. Strong understanding of cyber resilience principles.
  • Regulatory & Standards Expertise: Comprehensive understanding of data protection laws, international security standards (ISO), and industry regulations. Ability to interpret and apply evolving requirements.
  • Technical Security Knowledge: Proficiency in assessing system security configurations, network architecture, and control implementations. Deep understanding of security best practices.
  • Security Assessment: Expert capability in conducting security assessments and compliance reviews. Strong analytical skills in control effectiveness evaluation.
  • GRC Technology: Advanced knowledge of GRC platforms and automation solutions. Expertise in optimizing compliance monitoring and reporting processes.
  • Control Framework: Deep understanding of control validation procedures and attestation processes. Knowledge of control documentation best practices.
  • Third-Party Security: Expert knowledge of vendor security assessment methodologies and supply chain risk management principles.
  • Strategic Communication: Strong ability to articulate complex security concepts to various stakeholders. Excellence in security status reporting and presentation.
  • Audit Management: In-depth knowledge of external audit and certification processes. Strong understanding of audit evidence requirements and remediation approaches.
  • Policy Architecture: Expert understanding of control frameworks and their relationship to organizational policies. Proficiency in mapping security requirements to operational controls.


Core Responsibilities:

  • Information Security Governance: Develop and oversee security frameworks, policies, and procedures aligned with business objectives. Integrate security strategy with operations to maintain business continuity and cyber resilience.
  • Regulatory & Standards Management: Ensure adherence to data protection laws, international security standards (ISO), and industry regulations. Monitor evolving requirements and update security practices accordingly.
  • Technical Security Oversight: Assess and validate system security configurations, network architecture, and control implementations against security requirements and industry best practices.
  • Security Assurance: Lead internal security assessments and compliance reviews. Evaluate control effectiveness and drive continuous improvement initiatives.
  • Technology & Process Optimization: Implement and manage GRC platforms and automation solutions to enhance compliance monitoring and reporting efficiency.
  • Control Management: Design and maintain control validation procedures, ensuring proper documentation and attestation from control owners.
  • Third-Party Risk Management: Develop and execute vendor security assessment programs. Evaluate and monitor external partner security postures to manage supply chain risks.
  • Stakeholder Management: Deliver regular status updates to GRC leadership on security posture and program effectiveness. Drive clear communication channels with key stakeholders.
  • Audit Coordination: Support external audit engagements and certification processes. Partner with auditors and internal teams to facilitate successful outcomes.
  • Policy Framework Administration: Maintain unified control framework mapping security requirements to organizational policies. Establish clear relationships between policies, standards, and operational controls.


Education & Professional Certifications:


· Advanced degree in Computing/Technology field (Bachelor's/Master's in Computer Science or related)

· Governance, Risk & Compliance certification (ISC2 GRC)

· CISSP (Certified Information Security Professional)

· CISA (Certified Information Systems Auditor)

· Security Controls Framework certification (SANS SEC566)

· OSCP (Offensive Security Certified Professional)

Job location

Job summary

Monthly net salary

between 17 000 SR and 21 000 SR

Payroll Country

Saudi Arabia

Location

Al Khobar Saudi Arabia

6 applicants

Our recruitment process

  • Phone Interview

    First contact with our Talent Acquisition team!

  • Personality Test

    The recruiter profession requires a specific set of soft skills. This test will help determine if you have the necessary qualities.

  • Interview w/ Manager/Team Leader

    A great opportunity to get to know your future manager!

  • Trial Day

    Experience a typical day at Gentis during our Trial Day!

Similar jobs

We use cookies on this website to enhance your experience. Continued use of this website means you accept our cookies policy.