GRC Specialist (Cybersecurity)
We are looking for a motivated and detail-oriented GRC Specialist to join our cybersecurity team. In this role, you will support governance, risk, and compliance activities, with a strong focus on conducting security audits and compliance assessments against Saudi cybersecurity frameworks.
You will work closely with internal stakeholders to assess controls, identify gaps, support remediation efforts, and help ensure compliance with key regulatory and industry requirements.
Responsibilities
- Support the execution of GRC activities, including risk, compliance, and audit tasks
- Conduct or assist with security audits and assessments against Saudi frameworks such as Aramco CCC, CST, NCA, and SAMA
- Identify compliance gaps and support the development of remediation plans
- Assist in the preparation, review, and maintenance of security policies, procedures, and related documentation
- Participate in risk assessments and help track mitigation actions
- Gather audit evidence and coordinate with internal teams during assessment activities
- Prepare reports, findings, and status updates for management and stakeholders
- Support continuous improvement of governance and compliance processes
Requirements
Bachelor’s degree in Cybersecurity or a related field
Around 1 year of experience in GRC, cybersecurity, compliance, or a related area
Familiarity with conducting security audits and compliance assessments
Good knowledge of Saudi cybersecurity frameworks, especially Aramco CCC, CST, NCA, and SAMA
Understanding of information security standards and control frameworks
Strong analytical skills and attention to detail
Good communication and documentation skills
Preferred qualifications
- ISO 27001 Lead Implementer or Lead Auditor certification
- CISA certification
Benefits
- Opportunity to grow in a dynamic cybersecurity environment
- Exposure to leading regulatory and compliance frameworks in the region
- Learning and development opportunities
- Collaborative and supportive team culture