Cybersecurity GRC Specialist
Job Fit Check
Base Career helps you apply smarter for this job.
Key skills for this role
About the Role
About SiFi SiFi is a fast-growing B2B FinTech company specializing in spend management and card issuance solutions. We help companies take control of their spending, streamline expense workflows, and operate with greater efficiency.
Key Skills for This Role
Full Job Posting
About Sifi
SiFi is a fast-growing B2B FinTech company specializing in spend management and card issuance solutions.
We help companies take control of their spending, streamline expense workflows, and operate with greater efficiency.
Role Overview
The Cybersecurity GRC Specialist plays a critical role in maintaining SiFi’s cybersecurity compliance posture and ensuring audit readiness across all regulatory frameworks.
This role is responsible for managing the full Governance, Risk, and Compliance (GRC) lifecycle — including evidence management, policy governance, risk tracking, and KPI/KRI reporting — ensuring that all cybersecurity controls are measurable, defensible, and aligned with regulatory expectations.
1. Regulatory Compliance & Audit Readiness
- Maintain and manage the compliance tracker across SAMA CSF, PDPL/NDMO, and PCI-DSS
- Own the full evidence lifecycle: collection, validation, and documentation
- Ensure continuous audit readiness with traceable, control-aligned evidence
- Track regulatory findings and remediation plans, ensuring timely closure
- Provide regular compliance status reports to the CISO and relevant committees
2. Governance & Policy Management
- Develop and maintain cybersecurity policies, standards, and procedures
- Ensure documentation aligns with SiFi governance structure and regulatory expectations
- Manage document lifecycle (versioning, approvals, reviews)
- Map all policies and procedures to SAMA CSF controls
3. Cyber Risk Management
- Maintain and update the cybersecurity risk register
- Conduct third-party risk assessments (TPRA) and vendor due diligence
- Support risk reviews and reporting cycles
- Collaborate with Risk and Compliance teams to align enterprise risk frameworks
4. KPI And KRI Monitoring & Reporting
- Collect and validate cybersecurity KPIs/KRIs from relevant stakeholders
- Maintain a centralized KPI/KRI tracker
- Prepare periodic reports with trend analysis to support regulatory maturity (Level 3+)
- Identify and escalate performance gaps
Requirements
- Minimum 2 years in a dedicated Cybersecurity GRC role
- Hands-on experience with SAMA CSF compliance within regulated entities
- Experience in audit evidence preparation and regulatory assessments
- Strong background in drafting cybersecurity policies and procedures
- Experience using GRC platforms (e.g., Archer, ServiceNow GRC, OneTrust, etc.)
- Bachelor’s degree in Cybersecurity, Information Security, Computer Science, or related field
- Certifications in ISO 27001 Lead Implementer / Lead Auditor, Security+, (ISC)² CC, CGRC or CISA or CRISC
- Speaks English and Arabic
Preferred Qualifications
- Experience with PDPL and NDMO regulations
- PCI-DSS compliance exposure
- Knowledge of cloud security (AWS, Azure, GCP, OCI)
- Experience in fintech or financial services
- Familiarity with frameworks like ISO 27001, NIST, COBIT
Apply for this job in 1 click
Skip the repetitive application forms
Install the Base Career Chrome Extension and autofill job applications across major job boards with your profile.
Trusted by over 500,000 job seekers on Base Career
More from this employer
More jobs at Talent 360
Social Media Marketing - Tamheer | Riyadh, KSA
الرياض, KSA
A leading lighting solutions company in Riyadh is seeking a Saudi graduate for a Digital Content & Social Media Coordinator role through the Tamheer Program. The role involves managing social media, creating photo/video
Marketing Specialist | Riyadh, KSA
الرياض, KSA
ARAK for Lighting is seeking a Marketing Specialist in Riyadh to execute marketing initiatives enhancing brand visibility and lead generation. The role involves social media management, content creation, market research,
Customer Success Intern
الرياض, KSA
Talent 360 is seeking a Customer Success Intern to support clients with Mohasby services. The role involves responding to inquiries, onboarding clients, and coordinating with internal teams. Ideal for fresh graduates wit
Sales Intern
الرياض, KSA
Talent 360 is seeking a Sales Intern to generate leads, assist the sales team, and support business growth. The role offers training and mentorship for fresh graduates with a bachelor's degree in Accounting or related fi
Finance Lead
الرياض, KSA
We are seeking an experienced and driven Finance Lead to oversee and manage the financial operations of our entities in Egypt and Saudi Arabia (KSA). The ideal candidate will have strong expertise in financial reporting,
Senior AI Data Engineer
الرياض, KSA
About Us We are building the next-generation Office of the CFO that simplifies finance for all businesses. SiFi is a corporate expense management platform designed to empower accounting teams with seamless control over c
Internal Audit Manager
الرياض, KSA
About Us: SiFi is a rapidly growing B2B Fin-Tech company transforming expense management for businesses in Saudi Arabia. As a licensed EMI from the Saudi Central Bank, we empower companies with innovative tools to simpli
Venture Capital Lead
الرياض, KSA
The Venture Capital Lead is responsible for leading key venture capital activities, including deal sourcing, investment evaluation, portfolio monitoring, and supporting execution of investment strategies. The role acts a
Social Media Marketing - Tamheer | Riyadh, KSA
الرياض, KSA
Marketing Specialist | Riyadh, KSA
الرياض, KSA
Customer Success Intern
الرياض, KSA
Sales Intern
الرياض, KSA
Finance Lead
الرياض, KSA
Senior AI Data Engineer
الرياض, KSA
Internal Audit Manager
الرياض, KSA
Venture Capital Lead
الرياض, KSA