Analyst, Information Security
Job Fit Check
Base Career helps you apply smarter for this job.
Key skills for this role
About the Role
Tabby is seeking an Information Security Analyst to support the GRC function by assisting in documentation, monitoring, and coordination of information security activities. The role is suitable for recent graduates or those with 0-2 years of experience, with a focus on governance, risk, and compliance.
Key Skills for This Role
Responsibilities
- Assist in maintaining documentation related to the information security governance framework
- Support efforts to ensure information security initiatives remain aligned with business objectives and regulatory requirements
- Help in gathering and updating information related to legal and regulatory requirements affecting information security
- Participate in identifying organisational drivers and documenting their impact on information security
- Assist in maintaining role and responsibility matrices for information security
- Support the preparation of internal and external communication materials related to information security governance
- Support the identification and documentation of information assets and their owners
- Assist in execution and documentation of basic information security risk assessments
- Participate in business impact assessment (BIA) data collection activities
- Support ongoing threat and vulnerability assessment activities by gathering data and preparing reports
- Help in documenting existing controls and supporting the evaluation of their effectiveness
- Assist in integrating risk and vulnerability data into lifecycle processes
Requirements
- Bachelor's degree in Information Technology, Computer Science, Software Engineering, Cybersecurity, or a related field
- No minimum professional experience required; 0 2 years in Information Security is a plus
- Basic understanding of information security concepts, standards, and frameworks (e.g., ISO27001, NIST, SAMA CSF)
- Basic awareness of data protection regulations (PDPL) is a plus
- Coursework, academic projects, or internships related to cybersecurity, risk management, or compliance are preferred
Full Job Posting
Description
- The Information Security Analyst supports the Governance, Risk, and Compliance (GRC) function by assisting in the documentation, monitoring, and coordination of information security activities across the organization.
- The role contributes to maintaining a robust information security governance framework, supporting risk assessment processes, and helping ensure alignment with applicable regulatory requirements and industry standards (including SAMA, PDPL, ISO 27001, and PCI DSS).
Key Responsibilities
- Assist in maintaining documentation related to the information security governance framework.
- Support efforts to ensure information security initiatives remain aligned with business objectives and regulatory requirements.
- Help in gathering and updating information related to legal and regulatory requirements affecting information security (e.g., GDPR, SAMA, ISO27001, PCI DSS).
- Participate in identifying organisational drivers (technology, risk tolerance, business changes) and documenting their impact on information security.
- Assist in maintaining role and responsibility matrices for information security across the organisation.
- Support the preparation of internal and external communication materials related to information security governance.
- Support the identification and documentation of information assets and their owners as part of asset classification activities.
- Assist in execution and documentation of basic information security risk assessments.
- Participate in business impact assessment (BIA) data collection activities.
- Support ongoing threat and vulnerability assessment activities by gathering data and preparing reports.
- Help in documenting existing controls and supporting the evaluation of their effectiveness.
- Assist in integrating risk and vulnerability data into lifecycle processes (e.g., procurement checks, project reviews).
Skills, Knowledge and Expertise
- Bachelor's degree in Information Technology, Computer Science, Software Engineering, Cybersecurity, or a related field. Recent graduates and fresh university leavers are encouraged to apply.
- No minimum professional experience required but 0 2 years in the Information Security domain specifically is a plus.
- Basic understanding of information security concepts, standards, and frameworks (e.g., ISO27001, NIST, SAMA CSF).
- Basic awareness of data protection regulations (PDPL) is a plus.
- Coursework, academic projects, or internships related to cybersecurity, risk management, or compliance are preferred.
About Tabby
- Tabby creates financial freedom in the way people shop, earn and save, by reshaping their relationship with money.
- The company’s flagship offering allows shoppers to split their payments online and in store with no interest or fees.
- Over 32,000 global brands and small businesses, including Amazon, Noon, IKEA and Shein use Tabby.
- Tabby has generated over $7 billion in transaction volume for its partner brands.
- Tabby launched operations in 2020 and has raised +$1 billion in equity and debt funding.
Apply for this job in 1 click
Skip the repetitive application forms
Install the Base Career Chrome Extension and autofill job applications across major job boards with your profile.
Trusted by over 500,000 job seekers on Base Career
More from this employer
More jobs at Tabby
Vendor Manager
الرياض, KSA
Tabby is hiring a Vendor Risk Manager to own the third-party risk program end-to-end, from due diligence to offboarding. Requires 3-4 years in third-party risk management, knowledge of NIST CSF, ISO 27001, SOC 2, and str
Intern QA Engineer
Riyadh, KSA
Tabby is looking for an Intern QA Engineer to join their team in Riyadh. This is an engineering role with real responsibility, focusing on product quality across multiple systems. Interns will work on production tasks, i
Intern Backend (Go) Engineer
الرياض, KSA
Tabby offers a paid backend engineering internship for strong early-career engineers. Interns work on production code in Go, developing and maintaining backend services, APIs, and data storage for high-load financial sys
Finance Manager (Financial Control)
Riyadh, KSA
Tabby is looking for a Finance Manager to support finance operations for its Saudi Arabia entity, ensuring accurate financial reporting, regulatory compliance, and strong financial governance. The role oversees statutory
Intern QA Engineer
الرياض, KSA
Tabby is seeking an Intern QA Engineer to join their engineering team in Riyadh. This is a paid internship with real responsibility, focusing on product quality across multiple systems. Candidates should have programming
DevOps Intern
الرياض, KSA
Tabby offers a paid DevOps internship for strong early-career engineers in Riyadh. Interns work on production cloud infrastructure, Kubernetes, CI/CD, and observability with real responsibility and a path to a junior rol
DBA Intern
الرياض, KSA
Tabby offers a paid DBA internship for strong early-career engineers to work on production database systems including PostgreSQL. Interns will investigate slow queries, review schema changes, maintain backups, and suppor
Senior Tax Associate
Riyadh, KSA
Tabby is seeking a Senior Tax Associate to manage tax compliance, audits, and transfer pricing across KSA and the GCC region. The role requires 2-3 years of tax experience, strong knowledge of Saudi tax regulations, and
Vendor Manager
الرياض, KSA
Intern QA Engineer
Riyadh, KSA
Intern Backend (Go) Engineer
الرياض, KSA
Finance Manager (Financial Control)
Riyadh, KSA
Intern QA Engineer
الرياض, KSA
DevOps Intern
الرياض, KSA
DBA Intern
الرياض, KSA
Senior Tax Associate
Riyadh, KSA
