GRC Specialist (Cybersecurity)

Managed Services

You will work closely with internal stakeholders to assess controls, identify gaps, support remediation efforts, and help ensure compliance with key regulatory and industry requirements.

Responsibilities

• Support the execution of GRC activities, including risk, compliance, and audit tasks
• Conduct or assist with security audits and assessments against Saudi frameworks such as Aramco CCC, CST, NCA, and SAMA
• Identify compliance gaps and support the development of remediation plans
• Assist in the preparation, review, and maintenance of security policies, procedures, and related documentation
• Participate in risk assessments and help track mitigation actions
• Gather audit evidence and coordinate with internal teams during assessment activities
• Prepare reports, findings, and status updates for management and stakeholders
• Support continuous improvement of governance and compliance processes

Bachelor s degree in Cybersecurity or a related field

Around 1 year of experience in GRC, cybersecurity, compliance, or a related area

Familiarity with conducting security audits and compliance assessments

Good knowledge of Saudi cybersecurity frameworks, especially Aramco CCC, CST, NCA, and SAMA

Understanding of information security standards and control frameworks

Strong analytical skills and attention to detail

Good communication and documentation skills

Preferred qualifications

• ISO 27001 Lead Implementer or Lead Auditor certification
• CISA certification

• Opportunity to grow in a dynamic cybersecurity environment
• Exposure to leading regulatory and compliance frameworks in the region
• Learning and development opportunities
• Collaborative and supportive team culture