Director of Information Security - GRC
Job Fit Check
Base Career helps you apply smarter for this job.
Key skills for this role
About the Role
We are seeking a Director of Information Security – GRC to lead governance, risk, and compliance programs across Saudi Arabia. The role requires strategic oversight of regulatory frameworks, stakeholder engagement at board level, and leadership of a high-performing GRC team.
Key Skills for This Role
Responsibilities
- Develop and maintain an integrated information security governance framework aligned with ISO 27001, NIST CSF, COBIT, NCA ECC and SAMA CSF
- Drive risk management processes, including identification, assessment, treatment and reporting of information security risks
- Oversee compliance monitoring activities to ensure adherence to GDPR, PDPL and relevant local regulations
- Lead audit response efforts, coordinate internal and external audits, and ensure timely remediation of findings
- Manage third party assurance and vendor risk assessments to uphold security standards across the supply chain
- Provide strategic counsel and regular reporting to the Board of Directors and executive leadership on GRC metrics, trends and initiatives
- Engage with regulatory bodies, including SAMA and NCA, to interpret requirements and influence regulatory developments
- Recruit, mentor and develop a skilled GRC team fostering a culture of accountability and continuous improvement
- Collaborate with cross functional teams to integrate GRC principles into business processes and technology initiatives
Requirements
- 12–18 years of progressive experience in information security governance, risk and compliance
- Proven technical expertise with ISO 27001, NIST CSF, COBIT, NCA ECC and SAMA CSF frameworks
- In depth knowledge of GDPR and PDPL requirements
- Demonstrated experience in cybersecurity governance and enterprise risk management
- Strong background in compliance monitoring, audit response and third party assurance
- Excellent team leadership skills with experience managing multidiscipline security teams
- Exceptional communication skills, with proven ability to present to board members and senior executives
- Experience engaging with regulatory authorities in the Middle East region
- CISSP, CISM or CRISC certification preferred
- ISO 27001 Lead Auditor or Implementer certification preferred
- Prior experience in Saudi Arabian financial services or regulated industries preferred
- Advanced degree in Information Security, Cybersecurity, Risk Management or related field preferred
Full Job Posting
About the Role
- The Director of Information Security – GRC will lead the design, implementation and continuous improvement of the organization’s governance, risk and compliance programs across Saudi Arabia.
- This role requires strategic oversight of multiple regulatory frameworks, stakeholder engagement at board and executive levels, and the leadership of a high performing GRC team to ensure robust information security posture and regulatory alignment.
Responsibilities
- Develop and maintain an integrated information security governance framework aligned with ISO 27001, NIST CSF, COBIT, NCA ECC and SAMA CSF
- Drive risk management processes, including identification, assessment, treatment and reporting of information security risks
- Oversee compliance monitoring activities to ensure adherence to GDPR, PDPL and relevant local regulations
- Lead audit response efforts, coordinate internal and external audits, and ensure timely remediation of findings
- Manage third party assurance and vendor risk assessments to uphold security standards across the supply chain
- Provide strategic counsel and regular reporting to the Board of Directors and executive leadership on GRC metrics, trends and initiatives
- Engage with regulatory bodies, including SAMA and NCA, to interpret requirements and influence regulatory developments
- Recruit, mentor and develop a skilled GRC team fostering a culture of accountability and continuous improvement
- Collaborate with cross functional teams to integrate GRC principles into business processes and technology initiatives
Required Qualifications
- 12–18 years of progressive experience in information security governance, risk and compliance
- Proven technical expertise with ISO 27001, NIST CSF, COBIT, NCA ECC and SAMA CSF frameworks
- In depth knowledge of GDPR and PDPL requirements
- Demonstrated experience in cybersecurity governance and enterprise risk management
- Strong background in compliance monitoring, audit response and third party assurance
- Excellent team leadership skills with experience managing multidiscipline security teams
- Exceptional communication skills, with proven ability to present to board members and senior executives
- Experience engaging with regulatory authorities in the Middle East region
Preferred Qualifications
- Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM) or CRISC
- ISO 27001 Lead Auditor or Implementer certification
- Prior experience in Saudi Arabian financial services or regulated industries
- Advanced degree in Information Security, Cybersecurity, Risk Management or related field
- Fluency in Arabic
- Experience leading GRC initiatives during major digital transformation programs
Apply for this job in 1 click
Skip the repetitive application forms
Install the Base Career Chrome Extension and autofill job applications across major job boards with your profile.
Trusted by over 500,000 job seekers on Base Career
More from this employer
More jobs at TASC Outsourcing
Sales Promoter
Abu Dhabi Emirate, UAE
TASC Outsourcing is hiring a Sales Promoter for a 6-month contract in Abu Dhabi. The role focuses on customer engagement, issue resolution, and ensuring a positive customer journey. Immediate joiners preferred.
Customer Service Representative
Abu Dhabi Emirate, UAE
TASC Outsourcing seeks a Customer Service Representative for a 6-month contract in Abu Dhabi. The role involves handling customer queries, complaints, and escalations, ensuring timely resolution and maintaining service q
Fresher
Abu Dhabi Emirate, UAE
TASC Outsourcing is hiring a Fresher for a 6-month contract role in Abu Dhabi. The role involves acting as the primary point of contact for customers, handling queries and complaints, and ensuring a positive customer jou
Sales Manager - Rail Transit
Dubai, UAE
TASC Outsourcing seeks a Sales Manager for Rail Transit to drive business growth in the GCC and Southeast Asia. The role involves developing regional sales strategies, managing government and EPC relationships, and leadi
National Sales Manager - Metrology / Precision Measurement
Dubai, UAE
TASC Outsourcing is seeking a National Sales Manager for Metrology/Precision Measurement to develop sales strategies, manage distributor relationships, and drive business growth. The ideal candidate has a Bachelor's degr
Piping Designer - ( 1-2 Months Contract)
Abu Dhabi Emirate, UAE
TASC Outsourcing seeks a Piping Designer for a 1-2 month contract in Abu Dhabi. The role requires 5-10 years of piping design experience in Oil & Gas EPC projects, with knowledge of piping layout, P&IDs, and engineering
Management Accountant
Dubai, UAE
TASC Outsourcing seeks a Management Accountant for a contract role in Dubai's oil and gas industry. Responsibilities include producing financial reports, preparing budgets, VAT returns, and supporting month-end close. Ca
Fresher
Abu Dhabi Emirate, UAE
TASC Outsourcing is hiring a Fresher for a 6-month contract role focused on customer experience and engagement. The role involves handling queries, resolving issues, and ensuring customer satisfaction with a salary of 35
Sales Promoter
Abu Dhabi Emirate, UAE
Customer Service Representative
Abu Dhabi Emirate, UAE
Fresher
Abu Dhabi Emirate, UAE
Sales Manager - Rail Transit
Dubai, UAE
National Sales Manager - Metrology / Precision Measurement
Dubai, UAE
Piping Designer - ( 1-2 Months Contract)
Abu Dhabi Emirate, UAE
Management Accountant
Dubai, UAE
Fresher
Abu Dhabi Emirate, UAE
