GRC Cybersecurity Consultant (Saudi National)
Job Title: GRC Cybersecurity Consultant (Saudi National)
Location: Riyadh, Saudi Arabia
Experience: 5+ Years
Nationality: Saudi National (Mandatory)
Job Summary
We are seeking a skilled and experienced GRC (Governance, Risk & Compliance) Cybersecurity Consultant to support cybersecurity governance initiatives, regulatory compliance, and risk management programs. The ideal candidate will have strong experience in implementing security frameworks, conducting risk assessments, and ensuring compliance with local and international standards within enterprise environments.
Key Responsibilities
Develop, implement, and maintain cybersecurity governance frameworks, policies, and procedures.
Conduct enterprise-wide cyber risk assessments and gap analysis.
Ensure compliance with Saudi regulatory requirements such as SAMA, NCA ECC, and other relevant local frameworks.
Align organizational security posture with international standards such as ISO 27001, NIST CSF, and COBIT.
Lead internal and external audit coordination activities.
Develop risk treatment plans and track remediation activities.
Perform third-party/vendor risk assessments.
Conduct Business Impact Analysis (BIA) and support Business Continuity Planning (BCP).
Establish and monitor Key Risk Indicators (KRIs) and security metrics.
Prepare executive-level reports and dashboards on risk and compliance status.
Conduct security awareness and compliance training sessions.
Support incident management from a governance and reporting perspective.
Required Qualifications & Skills
Bachelor’s degree in Cybersecurity, Information Security, IT, or a related field.
5+ years of experience in Cybersecurity Governance, Risk Management, and Compliance.
Strong knowledge of Saudi cybersecurity regulations including:
Saudi Central Bank (SAMA)
National Cybersecurity Authority (NCA – ECC Framework)
Experience with international frameworks such as:
International Organization for Standardization (ISO 27001)
National Institute of Standards and Technology (NIST)
Experience in policy drafting, risk registers, and compliance reporting.
Hands-on experience with GRC tools and platforms.
Strong analytical, documentation, and stakeholder management skills.
Excellent communication skills in Arabic and English.
Preferred Certifications
ISO 27001 Lead Implementer / Lead Auditor
CISM (Certified Information Security Manager)
CRISC (Certified in Risk and Information Systems Control)
CISSP