About the Role
The Cybersecurity GRC Manager is responsible for the Governance, Risk, and Compliance programs. They manage and oversee the implementation of risk and compliance assessment initiatives and lead a cybersecurity team, unit, or enterprise-level function.
Key Responsibilities
Governance
Develop and maintain the organization's cybersecurity governance framework, ensuring alignment with mission, vision, and strategic goals.
Ensure that cybersecurity principles and strategies are reflected in corporate policies and enterprise planning.
Review and approve cybersecurity strategies, policies, and documentation to ensure they support strategic goals and business objectives.
Ensure organizational cybersecurity requirements are considered in mergers, acquisitions, outsourcing, and partnerships.
Advocate cybersecurity priorities at the executive level and promote strategic alignment.
Participate in the development and review of cybersecurity program plans and strategic initiatives.
Ensure cybersecurity assumptions are reviewed and updated regularly.
Review procurement practices to confirm alignment with governance and supply chain risk management standards.
Ensure availability and alignment of cybersecurity resources with governance mandates.
Risk Management & Compliance
Identify, assess, and manage cybersecurity risks via the organization's risk governance process.
Ensure decisions related to cybersecurity are based on sound risk management principles.
Track audit findings and ensure appropriate mitigation actions.
Participate in risk assessments and ensure risk management is embedded in the organization's cybersecurity framework.
Support compliance activities and ensure policies meet regulatory and legal requirements.
Recognize and address non-compliance trends by recommending improvements to documentation and controls.
Strategy, Policy & Architecture
Develop and maintain cybersecurity strategies, policies, and related documentation.
Align cybersecurity architecture and controls with strategic objectives.
Review the effectiveness of current policies and identify opportunities for improvement.
Evaluate new systems and technologies to ensure appropriate security controls are implemented.
Identify alternative strategies to achieve cybersecurity objectives and adapt to evolving threats.
Ensure business continuity and disaster recovery plans incorporate cybersecurity requirements.
Operations & Incident Management
Manage vulnerability remediation and threat mitigation.
Maintain awareness of emerging threats and ensure appropriate defensive measures.
Coordinate inspections, testing, and reviews of cybersecurity across the network.
Ensure effective management of cybersecurity incidents and communicate appropriately with internal and external stakeholders.
Ensure cybersecurity considerations are included in procurement, IT, and third-party engagements.
Use internationally recognized standards and documentation to inform cybersecurity operations.
Awareness, Training & Reporting
Ensure cybersecurity training and awareness programs are regularly delivered to all staff.
Promote the value of cybersecurity across the organization.
Collect, maintain, and report cybersecurity data to meet defined reporting requirements.
Communicate cybersecurity posture, financial impacts, and major updates to senior management.
Provide oversight on documentation and awareness of cybersecurity expectations across departments.
Managerial Responsibilities
Ensure departmental compliance with organizational policies, procedures, and quality standards.
Cascade objectives and KPIs to team members and oversee performance.
Manage department staffing based on operational needs.
Foster team engagement and development through coaching and feedback.
Enforce compliance with safety, security, and legal regulations.
Monitor departmental performance against budgets and KPIs; take corrective actions when needed.
Oversee regulatory and government-related matters in alignment with company policies.
Ensure adherence to all organizational and operational policies.
Requirements
Bachelor's Degree in Cybersecurity, Computer Science or equivalent.
Minimum of 7 years of experience.
Verbal and written communication.
Computer proficiency (Microsoft Office).
Teamwork.
Time management.
Excellent command of the Arabic and English languages.