{bc}
linkedin

Cybersecurity GRC Specialist

SiFi
Riyadh, KSA
Full Time
Mid
3 weeks ago
Governance, Risk, and Compliance (GRC)SAMA CSFPCI DSSPDPL/NDMOGRC Platforms (Archer, ServiceNow GRC, OneTrust)Risk Management
Free

Job Fit Check

Base Career helps you apply smarter for this job.

?%
Ready to Scan

Key skills for this role

Governance, Risk, and Compliance (GRC)SAMA CSFPCI DSS
Smart Apply

Full Job Posting

About SiFi & Role Overview

  • SiFi is a fast growing B2B FinTech company specializing in spend management and card issuance solutions.
  • The Cybersecurity GRC Specialist plays a critical role in maintaining SiFi’s cybersecurity compliance posture and ensuring audit readiness across all regulatory frameworks.
  • This role is responsible for managing the full Governance, Risk, and Compliance (GRC) lifecycle — including evidence management, policy governance, risk tracking, and KPI/KRI reporting.

Key Responsibilities

  • Regulatory Compliance & Audit Readiness: Maintain and manage the compliance tracker across SAMA CSF, PDPL/NDMO, and PCI DSS
  • Own the full evidence lifecycle: collection, validation, and documentation
  • Ensure continuous audit readiness with traceable, control aligned evidence
  • Track regulatory findings and remediation plans, ensuring timely closure
  • Provide regular compliance status reports to the CISO and relevant committees
  • Governance & Policy Management: Develop and maintain cybersecurity policies, standards, and procedures
  • Ensure documentation aligns with SiFi governance structure and regulatory expectations
  • Manage document lifecycle (versioning, approvals, reviews)
  • Map all policies and procedures to SAMA CSF controls
  • Cyber Risk Management: Maintain and update the cybersecurity risk register
  • Conduct third party risk assessments (TPRA) and vendor due diligence
  • Support risk reviews and reporting cycles

Requirements

  • Minimum 2 years in a dedicated Cybersecurity GRC role
  • Hands on experience with SAMA CSF compliance within regulated entities
  • Experience in audit evidence preparation and regulatory assessments
  • Strong background in drafting cybersecurity policies and procedures
  • Experience using GRC platforms (e.g., Archer, ServiceNow GRC, OneTrust, etc.)
  • Bachelor’s degree in Cybersecurity, Information Security, Computer Science, or related field
  • Certifications in ISO 27001 Lead Implementer / Lead Auditor, Security+, (ISC)² CC, CGRC or CISA or CRISC
  • Speaks English and Arabic

Preferred Qualifications

  • Experience with PDPL and NDMO regulations
  • PCI DSS compliance exposure
  • Knowledge of cloud security (AWS, Azure, GCP, OCI)
  • Experience in fintech or financial services
  • Familiarity with frameworks like ISO 27001, NIST, COBIT

Apply for this job in 1 click

Skip the repetitive application forms

Install the Base Career Chrome Extension and autofill job applications across major job boards with your profile.

Sarah M.James T.Maya R.

Trusted by over 500,000 job seekers on Base Career

Start Free Today

More from this employer

More jobs at SiFi