Governance, risk and compliance specialist (GRC specialist)

Job Detail
No of openings:
1
Job Type:
Full Time/Permanent
Job Location:
Riyadh
Gender:
No Preference
Nationality
Saudi
Degree Title:
Information technology, information security, or a related field.
Career Level:
Experienced Professional
Education:
Bachelors
Required Experience:
4 Years
Apply By :
Nov 21, 2020
Posted On:
Nov 11, 2020
Job Description

Cyber ​​security governance and operations, managing cybersecurity risks, and ensuring that cybersecurity and risk management requirements are met for all information systems and technology. As well as developing and updating cyber security policies within the organization.

Knowledge and Skills:

  • Bachelor's or Master's degree in Information Technology, Information Security, or a related field.
  • Professional certification such as CEH, ISO 27001 Lead Implementer, ISO 27001 Lead Auditor etc.
  • Minimum 4 years in information security field with experience in risk management, compliance and information security management.
  • The skill of applying basic cybersecurity principles.
  • The skill of developing emergency and recovery plans for network infrastructure, testing and implementing them.
  • Proficiency in identifying and classifying the types of vulnerabilities and related attacks
  • The skill of conducting investigations or security reviews of technical systems.
  • Damage assessment skill.
  • The skill of conducting cybersecurity impact and risk assessments.
  • The skill of communication to express the impact of the lack of control knowledge or proactive information of threats on the effectiveness of the cybersecurity strategy.
  • The skill of communicating with all levels of employees.
  • The skill of applying the principles of cybersecurity and privacy to fulfill the requirements of the organization.
  • The skill of identifying privacy and cybersecurity issues related to communication with internal and external parties and their supply chain.
  • The skill of planning and implementing administrative activities related to cybersecurity.
  • Skill of preparing relevant plans and documents.
  • The skill of creating and maintaining cybersecurity policies in line with the organization's privacy goals.
  • Excellent knowledge of information security concepts, methodologies and leading best practices. Knowledge of cybersecurity standards and policies such as (ISO 27001, NCA and NIST SP 800-82 requirements).
  • Knowledge of risk assessment procedures and policy formation.
  • Good organizational and coordination skills.
  • Excellent work pressure management skills.
  • Good reporting skills.
  • Excellent communication skills.