Analyst, Information Security
Job Fit Check
Base Career helps you apply smarter for this job.
Key skills for this role
About the Role
Support information security governance, risk management, and program development while assisting in compliance with regulations and standards; requires a degree in IT or relate.
Key Skills for This Role
Responsibilities
- Assist in maintaining documentation related to the information security governance framework
- Support identification and documentation of information assets and their owners
- Assist in execution and documentation of basic information security risk assessments
- Participate in business impact assessment (BIA) data collection activities
- Support ongoing threat and vulnerability assessment activities by gathering data and preparing reports
- Help monitor adherence to cybersecurity policies, standards, and procedures
- Assist in the investigation process for cybersecurity incidents by collecting logs or reports
- Support threat intelligence gathering from internal and publicly available sources
- Assist in maintaining information security awareness materials, training schedules, and communication plans
- Help track program metrics (KPIs/KRIs) and prepare dashboards or reports
Requirements
- Assist in maintaining information security governance framework documentation
- Support risk assessment processes and documentation
- Help ensure alignment with regulatory requirements (SAMA, PDPL, ISO 27001, PCI DSS)
- Participate in threat and vulnerability assessment activities
- Support information security awareness initiatives
- Assist in cybersecurity incident investigation by collecting logs
Full Job Posting
Role Overview
- The Information Security Analyst supports the Governance, Risk, and Compliance (GRC) function by assisting in the documentation, monitoring, and coordination of information security activities across the organization.
- The role contributes to maintaining a robust information security governance framework, supporting risk assessment processes, and helping ensure alignment with applicable regulatory requirements and industry standards (including SAMA, PDPL, ISO 27001, and PCI DSS).
- Working under the guidance of senior GRC professionals, the role serves as a key operational contributor to the organization's overall information security program, awareness initiatives, and compliance monitoring efforts.
Information Security Governance Tasks
- Assist in maintaining documentation related to the information security governance framework.
- Support efforts to ensure information security initiatives remain aligned with business objectives and regulatory requirements.
- Help in gathering and updating information related to legal and regulatory requirements affecting information security (e.g., GDPR, SAMA, ISO27001, PCI DSS).
- Participate in identifying organisational drivers (technology, risk tolerance, business changes) and documenting their impact on information security.
- Assist in maintaining role and responsibility matrices for information security across the organisation.
- Support the preparation of internal and external communication materials related to information security governance.
Information Risk Management Tasks
- Support the identification and documentation of information assets and their owners as part of asset classification activities.
- Assist in execution and documentation of basic information security risk assessments.
- Participate in business impact assessment (BIA) data collection activities.
- Support ongoing threat and vulnerability assessment activities by gathering data and preparing reports.
- Help in documenting existing controls and supporting the evaluation of their effectiveness.
- Assist in integrating risk and vulnerability data into lifecycle processes (e.g., procurement checks, project reviews).
- Assist in preparing risk reports and highlighting significant changes for review by senior staff.
Information Security Program Development Tasks
- Assist in maintaining documentation supporting the information security program and strategy.
- Support tracking of cybersecurity activities, including SOC alerts and compliance monitoring.
- Help monitor adherence to cybersecurity policies, standards, and procedures.
- Assist in the investigation process for cybersecurity incidents by collecting logs or reports from relevant teams.
- Support threat intelligence gathering from internal and publicly available sources.
- Help coordinate cybersecurity reviews, audits, and assessments.
- Assist in maintaining information security awareness materials, training schedules, and communication plans.
- Support documentation and updates of standards, procedures, guidelines, and baselines.
- Assist in integrating information security requirements into procurement or project documentation.
- Help track program metrics (KPIs/KRIs) and prepare dashboards or reports.
Generic Tasks
- Support the maintenance of information security policies, standards, processes, and architecture documentation.
- Assist in information security initiatives across business and technology teams.
- Support establishing and monitoring compliance with information security policies, standards, and relevant regulations.
- Assist in performing information security reviews and preparing related reports.
- Support classification of information and systems and document security requirements for key projects.
- Assist in delivering information security awareness activities and materials.
- Help measure and track security related KPIs and KRIs.
- Provide general administrative and analytical support to the GRC and Information Security teams.
Apply for this job in 1 click
Skip the repetitive application forms
Install the Base Career Chrome Extension and autofill job applications across major job boards with your profile.
Trusted by over 500,000 job seekers on Base Career
More from this employer
More jobs at tabby
Backend Engineer II
Saudi Arabia, KSA
Key Responsibilities Backend engineering experience, with ideally commercial experience in Golang Experience building scalable, distributed systems and working with high-load ar...
Risk Manager
Saudi Arabia, KSA
Manage third-party risk program, conduct vendor assessments, ensure compliance, and communicate risks effectively while collaborating cross-functionally.
Internal Audit Lead - Financial Risk
United Arab Emirates, UAE
Lead end-to-end audits in finance, treasury, and financial risk, utilizing data analytics and ensuring compliance with IFRS and CBUAE regulations.
Internal Audit Lead - Financial Crime
United Arab Emirates, UAE
Lead audits in financial crime compliance, utilizing data analytics and regulatory knowledge to enhance frameworks and reporting while engaging stakeholders.
Senior Internal Auditor - Operations
United Arab Emirates, UAE
Responsible for executing risk-based operational audits, assessing internal controls, utilizing data analytics, and preparing comprehensive reports while collaborating with stak...
Intern QA Engineer
Saudi Arabia, KSA
Interns will ensure product quality through testing applications, APIs, and integrations, requiring programming knowledge and collaboration skills.
DBA Intern
Saudi Arabia, KSA
What you will do This is not a helper or shadow-only role. Interns work on real production tasks under senior review. Investigate slow queries on PostgreSQL read execution plans...
AI Intern
Saudi Arabia, KSA
About the company Tabby builds financial products used by millions of users across the GCC. Alongside core fintech products, we are actively building internal platforms for AI a...
Backend Engineer II
Saudi Arabia, KSA
Risk Manager
Saudi Arabia, KSA
Internal Audit Lead - Financial Risk
United Arab Emirates, UAE
Internal Audit Lead - Financial Crime
United Arab Emirates, UAE
Senior Internal Auditor - Operations
United Arab Emirates, UAE
Intern QA Engineer
Saudi Arabia, KSA
DBA Intern
Saudi Arabia, KSA
AI Intern
Saudi Arabia, KSA
