Senior Cyber Security GRC Consultant

Job Title:Senior Cyber Security GRC Consultant

Location: RIYADH, SA

Employment Type: 

Permanent

Job Overview:

We are seeking a highly skilled Senior Cyber Security GRC Consultant to lead and support our Cybersecurity Maturity Program. The ideal candidate will have extensive experience in governance, risk management, and compliance (GRC) within the cybersecurity domain. You will be responsible for assessing, developing, and enhancing cybersecurity maturity models for our clients, ensuring alignment with industry standards and best practices.

Key Responsibilities:

Cybersecurity Maturity Assessment:

Conduct comprehensive assessments of an organization's current cybersecurity posture using established frameworks (e.g., NIST Cybersecurity Framework, ISO 27001, SAMA CSF). Identify gaps in existing cybersecurity practices and recommend strategies to improve maturity levels. Develop tailored cybersecurity maturity models and roadmaps to guide organizations toward enhanced cybersecurity capabilities.

Governance, Risk Management, and Compliance (GRC):

Lead the implementation and management of GRC processes, ensuring alignment with regulatory requirements and industry standards. Advise on the creation and enforcement of cybersecurity policies, procedures, and controls. Conduct risk assessments to identify, analyze, and mitigate cybersecurity risks across the organization.

Program Management:

Oversee the development and execution of the Cybersecurity Maturity Program, including project planning, resource management, and stakeholder engagement. Provide guidance and mentorship to junior consultants and team members involved in the program. Ensure timely delivery of program milestones and maintain effective communication with clients and internal stakeholders.

Training and Awareness:

Design and deliver cybersecurity training and awareness programs to educate stakeholders on cybersecurity maturity concepts and best practices. Develop and maintain documentation, reports, and dashboards to track program progress and effectiveness.

Client Engagement:

Build and maintain strong relationships with clients, acting as a trusted advisor on cybersecurity maturity and GRC matters. Present findings, recommendations, and program updates to executive management and board members. Collaborate with clients to understand their unique business needs and tailor the Cybersecurity Maturity Program accordingly.

Qualifications:

- Bachelor’s degree in Cybersecurity, Information Technology, Risk Management, or a related field. Advanced degrees or relevant certifications (e.g., CISSP, CISM, CRISC) are highly desirable.
- Minimum of 4 years of experience in cybersecurity, with a focus on GRC and cybersecurity maturity programs.
- In-depth knowledge of cybersecurity frameworks, standards, and regulations (e.g., NIST CSF, ISO 27001, SAMA CSF).
- Proven experience in conducting cybersecurity maturity assessments and developing improvement roadmaps.
- Strong understanding of risk management principles and practices.
- Excellent communication, presentation, and stakeholder management skills.
- Ability to work independently and as part of a team, with strong project management and leadership capabilities.
- Proficiency in using GRC tools and software.