Cybersecurity GRC Specialist
Job Fit Check
Base Career helps you apply smarter for this job.
Key skills for this role
About the Role
Key Responsibilities: Maintain and manage the compliance tracker across SAMA CSF, PDPL/NDMO, and PCI-DSS Own the full evidence lifecycle: collection, validation, and documentati.
Key Skills for This Role
Full Job Posting
Key Responsibilities
- Maintain and manage the compliance tracker across SAMA CSF, PDPL/NDMO, and PCI-DSS
- Own the full evidence lifecycle: collection, validation, and documentation
- Ensure continuous audit readiness with traceable, control-aligned evidence
- Track regulatory findings and remediation plans, ensuring timely closure
- Provide regular compliance status reports to the CISO and relevant committees
2. Governance & Policy Management
- Develop and maintain cybersecurity policies, standards, and procedures
- Ensure documentation aligns with SiFi governance structure and regulatory expectations
- Manage document lifecycle (versioning, approvals, reviews)
- Map all policies and procedures to SAMA CSF controls
3. Cyber Risk Management
- Maintain and update the cybersecurity risk register
- Conduct third-party risk assessments (TPRA) and vendor due diligence
- Support risk reviews and reporting cycles
- Collaborate with Risk and Compliance teams to align enterprise risk frameworks
4. KPI And KRI Monitoring & Reporting
- Collect and validate cybersecurity KPIs/KRIs from relevant stakeholders
- Maintain a centralized KPI/KRI tracker
- Prepare periodic reports with trend analysis to support regulatory maturity (Level 3+)
- Identify and escalate performance gaps
Requirements
- Minimum 2 years in a dedicated Cybersecurity GRC role
- Hands-on experience with SAMA CSF compliance within regulated entities
- Experience in audit evidence preparation and regulatory assessments
- Strong background in drafting cybersecurity policies and procedures
- Experience using GRC platforms (e.g., Archer, ServiceNow GRC, OneTrust, etc.)
- Bacheloru2019s degree in Cybersecurity, Information Security, Computer Science, or related field
- Certifications in ISO 27001 Lead Implementer / Lead Auditor, Security+, (ISC) CC, CGRC or CISA or CRISC
- Speaks English and Arabic
Apply for this job in 1 click
Skip the repetitive application forms
Install the Base Career Chrome Extension and autofill job applications across major job boards with your profile.
Trusted by over 500,000 job seekers on Base Career
More from this employer
More jobs at Sifi
Technical Project Manager
Riyadh, KSA
Lead and manage technology projects, ensuring timely delivery and compliance, requiring strong project management, technical understanding, and stakeholder coordination skills.
Senior Cloud & Security Infrastructure Engineer
Riyadh, KSA
Manage cloud infrastructure, ensure IT security, and implement disaster recovery solutions while providing technical leadership and collaborating on scalable systems.
Internal Audit
Riyadh, KSA
Tamheer Program Requirements: Saudi nationals Bachelor’s degree or higher in a relevant field Age between 22 and 30 years Not currently employed Not registered in GOSI Eligible ...
Product Manager — Platform
Saudi Arabia, KSA
Seeking a candidate with experience in B2B SaaS, customer engagement, data fluency, and decision-making under ambiguity to simplify processes.
AML officer ( Saudi Nationality only)
Riyadh, KSA
SiFi is building the future of spend management and financial operations in Saudi Arabia. Following our expansion into domestic and cross-border remittances, we are hiring a spe...
IT Security Engineer
Riyadh, KSA
The Cybersecurity function sets security standards, monitors compliance, and reports to governance. The Technology department owns and operates the infrastructure those standard...
Cyber Security Specialist
Riyadh, KSA
The role involves strong cybersecurity knowledge, incident response, security tools experience, and requires Saudi nationals with a relevant degree for the Tamheer Program.
Infrastructure Manager
Riyadh, KSA
Lead Site Reliability Engineering team, drive infrastructure strategy, ensure system availability, security compliance, and optimize costs while mentoring staff.
Technical Project Manager
Riyadh, KSA
Senior Cloud & Security Infrastructure Engineer
Riyadh, KSA
Internal Audit
Riyadh, KSA
Product Manager — Platform
Saudi Arabia, KSA
AML officer ( Saudi Nationality only)
Riyadh, KSA
IT Security Engineer
Riyadh, KSA
Cyber Security Specialist
Riyadh, KSA
Infrastructure Manager
Riyadh, KSA
