Cyber GRC Specialist
Job Fit Check
Base Career helps you apply smarter for this job.
Key skills for this role
About the Role
Develop and operationalize cybersecurity policies, conduct risk assessments, support compliance initiatives, and provide security training for cross-functional teams.
Key Skills for This Role
Full Job Posting
Key Responsibilities
- Develop, maintain, and operationalize cybersecurity policies, standards, and procedures aligned with industry frameworks and regulatory requirements (e.g., NIST CSF, ISO 27001, SOC 2, PCI, relevant regional regulations).
- Support security governance forums and reporting to senior leadership and stakeholders on cyber risk, control effectiveness, and remediation progress.
- Collaborate with cross-functional teams to ensure security requirements are integrated into business processes, projects, and third-party relationships.
Risk Management & Assessments
- Conduct and coordinate risk assessments, control gap analyses, and threat/risk modeling for systems, applications, and third-party services.
- Maintain the risk register, prioritize remediation activities, and track closure of identified vulnerabilities and control deficiencies.
- Perform vendor security and risk assessments; review third-party contracts and recommend appropriate security controls and contractual language.
Compliance & Audit Support
- Support internal and external compliance initiatives, audits, and certifications (e.g., SOC 2, ISO 27001), including evidence collection, control testing, and remediation coordination.
- Monitor regulatory and industry compliance requirements and translate obligations into practical control and process requirements across the organization.
- Prepare and maintain documentation, control narratives, and artifacts required for assessments and regulatory inquiries.
Incident Response & Continuous Improvement
- Participate in incident response planning and post-incident reviews; advise on control improvements and regulatory/contractual notification considerations.
- Collaborate with Security Operations and IT teams to ensure controls are effectively implemented, monitored, and improved based on lessons learned and evolving threats.
- Identify opportunities to automate control monitoring, reporting, and GRC workflows using GRC platforms and security tooling.
Training, Awareness & Advisory
- Develop and deliver role-based security awareness, GRC guidance, and targeted training for employees, contractors, and business partners.
- Provide practical, risk-based advisory to Product, Engineering, IT, and business teams on secure design, control selection, and compliance requirements.
- Act as a trusted advisor for security and compliance questions related to new projects, cloud deployments, and third-party integrations.
Apply for this job in 1 click
Skip the repetitive application forms
Install the Base Career Chrome Extension and autofill job applications across major job boards with your profile.
Trusted by over 500,000 job seekers on Base Career
More from this employer
More jobs at Client of Stellar Hunters
DevOps/Platform Engineer
Saudi Arabia, KSA
Design and operate scalable platform services using cloud technologies, automate CI/CD pipelines, and ensure platform reliability while mentoring engineers.
Employer Branding Specialist
Saudi Arabia, KSA
Develop and execute employer branding strategies, create engaging content, manage social media presence, and enhance candidate experience while utilizing analytics for continuou...
Systems Administrator
Riyadh, KSA
Responsible for managing systems and infrastructure, ensuring security and performance, with skills in automation, troubleshooting, and collaboration across teams.
Cyber GRC Manager
Saudi Arabia, KSA
Develop and implement a risk-based cyber governance, risk management, and compliance strategy while managing policies, assessments, and third-party risks.
Instructional Designer
Saudi Arabia, KSA
Design and develop engaging learning experiences using instructional design principles, collaborate with stakeholders, and utilize e-learning tools for effective training.
Senior Internal IT Auditor
Saudi Arabia, KSA
The role involves planning and executing IT audits, assessing risks, evaluating controls, and providing remediation recommendations while ensuring compliance with regulations.
Legal Director
Riyadh, KSA
Lead legal strategy, ensure compliance, manage contracts and disputes, and develop legal team with expertise in corporate and regulatory law.
Learning & Development Manager
Saudi Arabia, KSA
Develop and implement learning strategies, design training programs, manage leadership development, and evaluate training effectiveness using data analytics.
DevOps/Platform Engineer
Saudi Arabia, KSA
Employer Branding Specialist
Saudi Arabia, KSA
Systems Administrator
Riyadh, KSA
Cyber GRC Manager
Saudi Arabia, KSA
Instructional Designer
Saudi Arabia, KSA
Senior Internal IT Auditor
Saudi Arabia, KSA
Legal Director
Riyadh, KSA
Learning & Development Manager
Saudi Arabia, KSA