A leading organization in Saudi Arabia is seeking a Cybersecurity Compliance Officer to join their GRC team. The role focuses on developing and maintaining security governance frameworks, policies, and procedures to ensure alignment with regulatory requirements. The candidate will drive compliance with national cybersecurity regulations, data protection laws, and international security standards.
Key responsibilities include monitoring regulatory compliance, conducting internal security assessments, managing GRC technology platforms, and coordinating external audit engagements. The position requires regular reporting to GRC leadership and supporting organizational certification initiatives.
The ideal candidate will have experience in implementing and maintaining comprehensive security compliance programs while ensuring adherence to industry and regulatory requirements.
Detailed Responsibilities:
- Develop and maintain comprehensive cybersecurity governance frameworks, policies, and procedures ensuring alignment with regulatory requirements, including NCA controls.
- Drive compliance with key security standards and regulations including PDPL, ISO 27001, and other applicable frameworks. Monitor and implement emerging requirements.
- Perform technical security reviews of system configurations, network architecture, and control implementations to validate compliance and security best practices.
- Lead internal security assessments and compliance reviews to identify and remediate control gaps.
- Implement and administer GRC automation platforms to enhance compliance monitoring efficiency and reporting capabilities.
- Design and oversee control attestation procedures, working with control owners to validate and document control effectiveness.
- Develop and execute a third-party security assessment program to evaluate and monitor vendor security practices.
- Generate regular security status reports for GRC management. Effectively communicate security risks, issues and recommendations to key stakeholders.
- Manage external audit engagements and certification processes to ensure successful outcomes and continued compliance.