Cyber GRC Manager

Client of Stellar Hunters

Employer Active

Posted 3 hrs ago

Experience

5 - 7 Years

Education

Bachelor of Science (Computers)

Nationality

Any Nationality

Gender

Not Mentioned

Vacancy

1 Vacancy

Job Description

Roles & Responsibilities

Key Responsibilities

  • Develop and evolve a risk-based cyber GRC strategy that aligns with enterprise risk appetite and business priorities.

  • Lead the GRC program, including governance forums, risk assessment cadence, control frameworks, and remediation tracking.

  • Partner with senior leadership to translate regulatory and business requirements into practical program objectives and roadmaps.

Policy, Standards & Control Management

  • Maintain and enhance information security policies, standards, and procedures; ensure clear ownership and version control across the policy lifecycle.

  • Define and maintain control objectives mapped to frameworks (e.g., NIST CSF, ISO 27001, SOC 2) and ensure consistent implementation across teams.

  • Coordinate control testing, assessments, and remediation activities with internal teams and external assessors.

Risk Assessment & Third-Party Risk Management

  • Conduct enterprise and technology risk assessments; identify, evaluate, and prioritize cyber risks and mitigation plans.

  • Own third-party risk management processes including vendor risk assessments, due diligence, contract security requirements, and ongoing monitoring.

  • Work with procurement and vendor owners to remediate deficiencies and reduce supply chain risk.

Compliance & Audit Support

  • Manage compliance programs and readiness for relevant regulations and standards (e.g., SOC 2, ISO 27001, GDPR, HIPAA where applicable).

  • Act as primary liaison for internal and external audits, prepare evidence and reporting, and coordinate remediation activities.

  • Maintain documentation and continuous evidence of controls to support attestations and regulatory reporting.

Metrics, Reporting & Continuous Improvement

  • Define and report GRC metrics and dashboards (e.g., risk posture, control maturity, remediation timelines, vendor risk status) to leadership and stakeholders.

  • Use data and trend analysis to identify program gaps, recommend improvements, and measure the effectiveness of risk reduction efforts.

  • Develop and maintain GRC playbooks, runbooks, and process documentation to enable repeatable, auditable practices.

Desired Candidate Profile

Required Qualifications - Skills & Experience

  • Bachelor's degree in Information Security, Cybersecurity, IT, Risk Management, or a related field, or equivalent practical experience.

  • 5+ years of hands-on experience in cyber governance, risk, and compliance, information security, or related roles.

  • Practical knowledge of common security frameworks and standards (e.g., NIST CSF, ISO 27001, SOC 2) and experience mapping controls to frameworks.

  • Experience managing third-party/vendor risk assessments, contract security requirements, and remediation workflows.

  • Strong communication and stakeholder management skills with the ability to influence technical and non-technical audiences.

  • Analytical mindset with experience developing risk assessments, metrics, and executive-level reporting.

  • Familiarity with GRC platforms, risk assessment tools, ticketing systems, and common productivity software.

Preferred Qualifications

  • Relevant certifications such as CISSP, CISM, CRISC, CISA, or CDPSE preferred.

  • Experience supporting SOC 2, ISO 27001, or other third-party audits and working with external assessors.

  • Background in cloud security, identity and access management, or secure software development lifecycle practices.

  • Experience implementing or operating GRC tooling (e.g., Archer, RiskLens, OneTrust, ServiceNow GRC) is a plus.

Keywords

  • Cyber GRC Manager
