Talent.com
عرض العمل هذا غير متوفر في بلدك.
Cybersecurity Governance & Compliance Officer "GRC"

Cybersecurity Governance & Compliance Officer "GRC"

SscegyptRiyadh, Riyadh Region, Saudi Arabia
منذ أكثر من 30 يومًا
الوصف الوظيفي

Maintain Cybersecurity Governance : To refresh and align cybersecurity governance with regulatory requirements and best practices.

Ensure Cybersecurity Risk Management : To identify and assess cybersecurity risks to improve security posture and reduce impact.

Uphold Cybersecurity Compliance : To assure cybersecurity compliance requirements are audited and remediated accordingly.

Improve Cybersecurity GRC Operations : To enhance various GRC assessments and activities and be more agile in a fast-paced enterprise

Cybersecurity Compliance Tasks

  • Perform assessments based on NCA regulations (such as ECC and OSMACC) and the client standards.
  • Track findings, communicate with internal stakeholders, and validate evidences.
  • Support in internal audit activities.
  • Support in external audit activities (ISO27001).
  • Prepare weekly and monthly status report for compliance status.

Cybersecurity Risk Management Tasks

  • Perform risk assessments for new solutions and third parties, as well as major technology changes.
  • Maintain risk register, follow up on mitigation plan with stakeholders and validate evidences.
  • Represent cybersecurity in IT demand management and IT change management.
  • Participate and develop Root Cause Analysis corrective actions resulting from Cybersecurity incidents.
  • Prepare weekly and monthly status report.

    • Cybersecurity Governance Tasks

  • Review and update cybersecurity documentation such as standards and policies, as well as other documents part of cybersecurity governance framework.
  • Develop new standards, processes, and procedures.
  • Monitor cyber practices and operational KPIs.
  • Create a governance review plan.

    • Experience

    The candidate should be aware of the following frameworks

  • NCA – ECC National Cybersecurity Authority - Essential Cybersecurity Controls – ECC–1 : 2018
  • NCA – CCC National Cybersecurity Authority - Cloud Cybersecurity Controls –CCC–1 : 2020
  • NCA – TCC TCC–1 : 2021
  • NCA – OSMACC National Cybersecurity Authority – Organization’s Social Media Accounts Cybersecurity Controls –OSMACC–1 : 2021
  • NCA – DCC National Cybersecurity Authority - Data Cybersecurity Controls – DCC–1 : 2022
  • NDMO National Data Management Office Regulations and Standards
  • ISO27001 : 2022 ISO (International Organization for Standardization) 27001 SO / IEC 27001 : 2022 standard for Information Security Management Systems (ISMS)

    • #J-18808-Ljbffr

    إنشاء تنبيه وظيفي لهذا البحث

    Compliance Officer • Riyadh, Riyadh Region, Saudi Arabia