Talent.com
No longer accepting applications
Director, GRC & Cybersecurity (859)

Director, GRC & Cybersecurity (859)

OlympicRiyadh, Riyadh Region, Saudi Arabia
4 days ago
Job description

Job Purpose

Lead the Governance, Risk, Compliance, and Cybersecurity functions to ensure SOPC’s regulatory compliance, enterprise resilience, and digital security. The role owns the enterprise risk management framework, business continuity, and cybersecurity governance, ensuring full compliance with national directives such as PDPL and NCA. The Director provides oversight and guidance to SOPC functions, enabling them to operate within defined risk appetites and ensuring alignment with SOPC’s governance and operational priorities. The position strengthens SOPC’s second line of defense through integrated risk oversight, compliance monitoring, and cyber readiness.

Enterprise Risk Management

  • Lead the development, implementation, and continuous improvement of SOPC’s enterprise risk management framework, including risk appetite, taxonomy, and assessment methodologies.
  • Maintain and oversee risk registers across SOPC and federations, ensuring risks are identified, evaluated, and mitigated in line with strategic objectives.
  • Coordinate enterprise-level risk reporting and escalation mechanisms, ensuring transparency and timely decision-making by the CEO and Audit Committee.
  • Partner with Internal Audit to align audit priorities with enterprise risk exposures and provide regular updates on residual risks.

Cyber Strategy & Governance

  • Oversee SOPC’s cybersecurity strategy, policies, and frameworks, ensuring alignment with national cybersecurity directives and international standards.
  • Ensure the implementation of incident response protocols, access control systems, and data protection mechanisms that safeguard SOPC’s digital assets and sensitive information.
  • Lead cyber risk assessments and maturity reviews, identifying vulnerabilities and ensuring mitigation measures are implemented effectively.
  • Collaborate with the Digital Transformation and IT functions to maintain secure technology environments and align cybersecurity architecture with operational priorities.

    • Governance & Compliance

  • Develop and enforce compliance frameworks and monitoring systems that ensure adherence to national and international regulations, including PDPL, NCA, anti-fraud, and anti-corruption standards.
  • Establish and maintain governance frameworks and compliance reporting protocols to track performance, identify breaches, and drive remedial actions across SOPC entities.
  • Provide the CEO and leadership team with periodic compliance dashboards and reports, enabling proactive management of legal and regulatory obligations.
  • Act as the focal point for regulatory inspections, compliance reviews, and audits, ensuring accurate documentation and timely responses.

    • Business Continuity & Crisis Management

  • Direct the establishment and testing of business continuity management (BCM) and disaster recovery (DR) frameworks, ensuring organizational preparedness for disruptions.
  • Conduct scenario testing and simulations to evaluate SOPC’s resilience and recovery capabilities across critical operations.
  • Integrate BCM and DR plans into enterprise risk and compliance structures, ensuring unified risk governance across the organization.
  • Provide assurance to senior leadership that SOPC’s continuity and resilience mechanisms meet regulatory expectations and operational needs.

    • Boundaries

  • Independent assurance and audit reviews fall under Internal Audit, which provides oversight on the effectiveness of controls and frameworks developed by GRC.
  • Legal advisory, representation, and statutory interpretation are under Legal Affairs, which informs the compliance frameworks developed by GRC.
  • Operational policy design and process documentation are owned by Corporate Excellence, with GRC embedding compliance and risk requirements within those structures.
  • Front-line control execution and risk ownership remain the responsibility of management functions (first line of defense), with GRC providing oversight, monitoring, and guidance.

    • Seniority Level

    Director

    Employment Type

    Full-time

    Job Function

    Information Technology

    We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

    Referrals increase your chances of interviewing at Team Saudi by 2x

    #J-18808-Ljbffr

    Create a job alert for this search

    Cybersecurity • Riyadh, Riyadh Region, Saudi Arabia

    Related jobs
    • Promoted
    Cybersecurity GRC Specialist

    Cybersecurity GRC Specialist

    flynasRiyadh, Saudi Arabia
    Empowering Saudization | Operations & Corporate Hiring | Headhunting | Data-Driven Recruitment | Power BI Job Purpose.To be responsible for conducting Flynas regular self‑assessment to ensure cyber...Show moreLast updated: 4 days ago
    • Promoted
    GRC Consultant

    GRC Consultant

    Innovative SolutionsRiyadh, Saudi Arabia
    Company Description Innovative Solutions (IS) is a leading pure-player Cyber security company in the GCC established in 2003, headquartered in Riyadh with presence in Al Khobar, Jeddah, Dubai, and ...Show moreLast updated: 10 days ago
    • Promoted
    Cybersecurity GRC Manager

    Cybersecurity GRC Manager

    Total-TECH Co.Riyadh, Saudi Arabia
    Lead or support the implementation of cybersecurity governance, risk, and compliance programs.Conduct risk assessments, gap analyses, and security audits aligned with national and international sta...Show moreLast updated: 30+ days ago
    • Promoted
    Director- Enterprise Risk (CDU3) - 20004049

    Director- Enterprise Risk (CDU3) - 20004049

    Qiddiya Investment CompanyRiyadh, Riyadh Region, Saudi Arabia
    Qiddiya is Saudi Arabia’s future capital of entertainment, sports, and culture — a 360 km² mega-project just outside Riyadh. From F1-grade racetracks and theme parks to stadiums and performance venu...Show moreLast updated: 30+ days ago
    • Promoted
    Senior Cybersecurity GRC Specialist

    Senior Cybersecurity GRC Specialist

    MoznRiyadh, Saudi Arabia
    Mozn is a rapidly growing technology firm revolutionizing the field of Artificial Intelligence and Data Science headquartered in Riyadh, Saudi Arabia and it’s working to realize Vision 2030 with a ...Show moreLast updated: 29 days ago
    • Promoted
    Cybersecurity Governance, Risk & Compliance (GRC) Specialist

    Cybersecurity Governance, Risk & Compliance (GRC) Specialist

    MIS ConnectRiyadh, Saudi Arabia
    Cybersecurity Governance, Risk & Compliance (GRC) Specialist.Establish a governance framework for cybersecurity roles, responsibilities, and decision‑making. Ensure policies are approved, communicat...Show moreLast updated: 7 days ago
    • Promoted
    GRC Consultant (Compliance)

    GRC Consultant (Compliance)

    Help AGRiyadh, Riyadh Region, Saudi Arabia
    Help AG is looking for an experienced GRC Consultant who is responsible for compliance management and successful alignment with national cybersecurity regulations, including the National Cybersecur...Show moreLast updated: 1 day ago
    • Promoted
    Cybersecurity GRC Specialist

    Cybersecurity GRC Specialist

    2P Perfect PresentationRiyadh, Saudi Arabia
    The Cybersecurity GRC (Governance, Risk, and Compliance) Specialist is responsible for working on the establishment of the organization's cybersecurity governance framework, ensuring adherence to r...Show moreLast updated: 17 days ago
    • Promoted
    Product Director - Cybersecurity Solutions

    Product Director - Cybersecurity Solutions

    Michael PageRiyadh, Saudi Arabia
    Overview The Product Director - Cybersecurity Solutions will play a pivotal role in overseeing the development, strategy, and execution of Cybersecurity products. Based in Riyadh, this position requ...Show moreLast updated: 30+ days ago
    • Promoted
    GRC Consultant

    GRC Consultant

    flint-internationalRiyadh, Riyadh Region, Saudi Arabia
    Bachelor’s degree in information security or Information Technology.Certifications such as CISSP, CISM, CISA, CRISC, GSEC, ISO27001 or PCIP are preferred. Only Immediate joiners OR not longer than 3...Show moreLast updated: 1 day ago
    • Promoted
    Senior Manager - Cybersecurity Operational Technology

    Senior Manager - Cybersecurity Operational Technology

    Qiddiya Investment CompanyRiyadh, Riyadh Region, Saudi Arabia
    Qiddiya Investment Company is at the forefront of transformative entertainment and real estate projects in Saudi Arabia, and we are seeking a Senior Manager - Cybersecurity Operational Technology t...Show moreLast updated: 30+ days ago
    • Promoted
    Cybersecurity GRC Engineer

    Cybersecurity GRC Engineer

    Saudi Networkers ServicesRiyadh, Saudi Arabia
    Saudi Networkers Services Develop, implement, and maintain the organization’s cybersecurity governance, risk, and compliance (GRC) framework. Conduct risk assessments, vulnerability assessments, and...Show moreLast updated: 23 days ago
    • Promoted
    Director - Risk (CDU4) 20004159

    Director - Risk (CDU4) 20004159

    Qiddiya Investment CompanyRiyadh, Riyadh Region, Saudi Arabia
    Qiddiya Investment Company is on the lookout for a Senior Manager - Risk (CDU 266) to enhance our risk management framework across our innovative projects. This role demands a strategic mindset to l...Show moreLast updated: 1 day ago
    • Promoted
    Director Cybersecurity

    Director Cybersecurity

    Saudi Networkers ServicesRiyadh, Saudi Arabia
    Overview Join to apply for the.Develops cybersecurity strategy in line with its business strategy as per the guidelines provided by NCA. Monitors organization-wide security operations (vulnerability...Show moreLast updated: 30+ days ago
    • Promoted
    GRC Manager

    GRC Manager

    Aventus Global TalentRiyadh, Saudi Arabia
    GRC Manager – Short-Term Engagement | Riyadh, Saudi Arabia We are seeking an experienced GRC (Governance, Risk & Compliance) Manager for a 2‑month consulting engagement with a leading government or...Show moreLast updated: 13 days ago
    • Promoted
    Cybersecurity GRC Specialist

    Cybersecurity GRC Specialist

    Saudi Networkers ServicesRiyadh, Saudi Arabia
    Develop, implement, and maintain cybersecurity policies, standards, and procedures in alignment with industry frameworks (e. Conduct risk assessments and identify vulnerabilities, recommending appro...Show moreLast updated: 30+ days ago
    • Promoted
    Cybersecurity GRC Analyst

    Cybersecurity GRC Analyst

    American Express Saudi ArabiaRiyadh, Saudi Arabia
    American Express Saudi Arabia , established in 1999, is a leading financial company in the Kingdom, renowned for delivering excellence and innovative payment solutions. Our mission is to empower ind...Show moreLast updated: 7 days ago
    • Promoted
    • New!
    Consulting Manager - Strategy and GRC

    Consulting Manager - Strategy and GRC

    DevoteamRiyadh, Riyadh Region, Saudi Arabia
    Tech for People Unlocks the Future.At Devoteam, we believe technology, combined with strong human values, can actively drive change for the better. Discover how Tech for People is shaping the future...Show moreLast updated: 11 hours ago