Cybersecurity GRC Specialist
Job Fit Check
Base Career helps you apply smarter for this job.
Key skills for this role
About the Role
SiFi seeks a Cybersecurity GRC Specialist to manage governance, risk, and compliance lifecycle, including SAMA CSF, PDPL/NDMO, and PCI-DSS compliance. The role requires 2+ years in a dedicated GRC role, hands-on SAMA CSF experience, and certifications like ISO 27001 Lead Implementer/Auditor, Security+, or CISA.
Key Skills for This Role
Responsibilities
- Maintain and manage the compliance tracker across SAMA CSF, PDPL/NDMO, and PCI DSS
- Own the full evidence lifecycle: collection, validation, and documentation
- Ensure continuous audit readiness with traceable, control aligned evidence
- Track regulatory findings and remediation plans, ensuring timely closure
- Develop and maintain cybersecurity policies, standards, and procedures
- Manage document lifecycle (versioning, approvals, reviews)
- Map all policies and procedures to SAMA CSF controls
- Maintain and update the cybersecurity risk register
- Conduct third party risk assessments (TPRA) and vendor due diligence
- Collect and validate cybersecurity KPIs/KRIs from relevant stakeholders
Requirements
- Minimum 2 years in a dedicated Cybersecurity GRC role
- Hands on experience with SAMA CSF compliance within regulated entities
- Experience in audit evidence preparation and regulatory assessments
- Strong background in drafting cybersecurity policies and procedures
- Experience using GRC platforms (e.g., Archer, ServiceNow GRC, OneTrust, etc.)
- Bachelor’s degree in Cybersecurity, Information Security, Computer Science, or related field
- Certifications in ISO 27001 Lead Implementer / Lead Auditor, Security+, (ISC)² CC, CGRC or CISA or CRISC
- Speaks English and Arabic
Full Job Posting
About SiFi & Role Overview
- SiFi is a fast growing B2B FinTech company specializing in spend management and card issuance solutions.
- The Cybersecurity GRC Specialist plays a critical role in maintaining SiFi’s cybersecurity compliance posture and ensuring audit readiness across all regulatory frameworks.
- This role is responsible for managing the full Governance, Risk, and Compliance (GRC) lifecycle — including evidence management, policy governance, risk tracking, and KPI/KRI reporting.
Key Responsibilities
- Regulatory Compliance & Audit Readiness: Maintain and manage the compliance tracker across SAMA CSF, PDPL/NDMO, and PCI DSS
- Own the full evidence lifecycle: collection, validation, and documentation
- Ensure continuous audit readiness with traceable, control aligned evidence
- Track regulatory findings and remediation plans, ensuring timely closure
- Provide regular compliance status reports to the CISO and relevant committees
- Governance & Policy Management: Develop and maintain cybersecurity policies, standards, and procedures
- Ensure documentation aligns with SiFi governance structure and regulatory expectations
- Manage document lifecycle (versioning, approvals, reviews)
- Map all policies and procedures to SAMA CSF controls
- Cyber Risk Management: Maintain and update the cybersecurity risk register
- Conduct third party risk assessments (TPRA) and vendor due diligence
- Support risk reviews and reporting cycles
Requirements
- Minimum 2 years in a dedicated Cybersecurity GRC role
- Hands on experience with SAMA CSF compliance within regulated entities
- Experience in audit evidence preparation and regulatory assessments
- Strong background in drafting cybersecurity policies and procedures
- Experience using GRC platforms (e.g., Archer, ServiceNow GRC, OneTrust, etc.)
- Bachelor’s degree in Cybersecurity, Information Security, Computer Science, or related field
- Certifications in ISO 27001 Lead Implementer / Lead Auditor, Security+, (ISC)² CC, CGRC or CISA or CRISC
- Speaks English and Arabic
Preferred Qualifications
- Experience with PDPL and NDMO regulations
- PCI DSS compliance exposure
- Knowledge of cloud security (AWS, Azure, GCP, OCI)
- Experience in fintech or financial services
- Familiarity with frameworks like ISO 27001, NIST, COBIT
Apply for this job in 1 click
Skip the repetitive application forms
Install the Base Career Chrome Extension and autofill job applications across major job boards with your profile.
Trusted by over 500,000 job seekers on Base Career
More from this employer
More jobs at SiFi
Tamheer Opportunity – Cyber Security Specialist
Riyadh, KSA
SiFi is seeking a Cyber Security Specialist for a Tamheer internship program. The role requires a Bachelor's degree in Cybersecurity or a related field, and involves understanding cybersecurity principles, using security
IT Security Engineer
Riyadh, KSA
SiFi is seeking a hands-on IT Security Engineer to execute security controls on production and corporate infrastructure. This role bridges cybersecurity and technology, focusing on vulnerability remediation, infrastructu
Infrastructure Manager
Riyadh, KSA
SiFi is hiring an Infrastructure Manager to lead the SRE team and drive infrastructure strategy. This hands-on role involves architecture decisions, incident management, security, and compliance with SAMA regulations. Ca
Customer Success Specialist
Riyadh, KSA
SiFi, a B2B FinTech company in Saudi Arabia, seeks a Customer Success Specialist to support customer onboarding, adoption, and satisfaction. The role involves assisting with account setup, responding to inquiries, gather
AML officer ( Saudi Nationality only)
Riyadh, KSA
SiFi, a FinTech company in Saudi Arabia, seeks an AML Officer to assist in developing and overseeing the AML program. Responsibilities include conducting CDD/EDD, monitoring transactions, preparing SARs, and maintaining
Internal Audit Manager
Riyadh, KSA
SiFi seeks an Internal Audit Manager to coordinate internal audit activities, manage risk-based audit plans, and collaborate with external audit firms. The role requires 3-5 years of internal audit experience in regulate
Tamheer Opportunity – Internal Audit
Riyadh, KSA
SiFi is seeking a Saudi national for a Tamheer internship in Internal Audit. The role offers hands-on experience in audit, risk management, and governance. Ideal for recent graduates with a degree in Accounting, Finance,
Senior Data Engineer (Data & AI)
Riyadh, KSA
SiFi is looking for a Senior Data Engineer to define and scale the foundation of their data platform. You will design and own the data platform, modeling standards, and AI-ready infrastructure, ensuring accurate and trus
Tamheer Opportunity – Cyber Security Specialist
Riyadh, KSA
IT Security Engineer
Riyadh, KSA
Infrastructure Manager
Riyadh, KSA
Customer Success Specialist
Riyadh, KSA
AML officer ( Saudi Nationality only)
Riyadh, KSA
Internal Audit Manager
Riyadh, KSA
Tamheer Opportunity – Internal Audit
Riyadh, KSA
Senior Data Engineer (Data & AI)
Riyadh, KSA