JOB DESCRIPTION / ROLE
•Develop and maintain cybersecurity governance frameworks, policies, and procedures aligned with industry standards (ISO 27001, NIST, CIS Controls, etc.).
•Conduct regular reviews and updates to ensure documentation reflects current risks and regulatory requirements.
•Assist in security awareness initiatives and training programs.
•Identify, assess, and monitor cybersecurity risks across systems, networks, and third-party engagements.
•Support risk assessment processes and develop mitigation plans in collaboration with relevant stakeholders.
•Maintain the risk register and ensure effective tracking and reporting of risk status and treatment plans.
•Ensure compliance with applicable standards, frameworks, and regulations (e.g., ISO 27001, GDPR, NCA ECC, SAMA CSF, NIST).
•Conduct internal security audits and support external audits, certifications, and assessments.
•Monitor and report on compliance gaps, recommending remediation measures.
•Collaborate with Security Operations and IT Infrastructure teams to ensure alignment between policy and practice.
•Participate in incident response and post-incident reviews from a governance and compliance perspective.
•Support vendor risk assessments and ensure third parties meet security and compliance expectations.
Requirements:
•Bachelor’s degree in Information Security, Computer Science, Information Technology, or a related field.•3 – 7 years of experience in cybersecurity, preferably with a focus on governance, risk, and compliance.
•Strong understanding of security frameworks such as ISO 27001, NIST, SAMA CSF, and COBIT.
•Experience with risk management tools, audit processes, and security documentation.
•Knowledge of regulatory and compliance requirements (GDPR, NCA ECC, SAMA, PCI DSS, etc.).
•Professional certifications are an advantage (e.g., CISA, CRISC, ISO 27001 Lead Implementer/Auditor, CISSP, CEH).
ABOUT THE COMPANY
Saudi Networkers Services, incorporated in 2001 with an aim to provide the world class business and consulting services through a combination of market insight, technical excellence and unrivalled agile methodology.
Our success stems from building strong relationships and trusted partners, which enabled us delivering exceptional services to public sector, as well as some world's leading organizations, in Telecommunication, Information Technology, Cyber Security, Banking, Energy, Utilities and various other industry arenas.
We collaborate closely, ideate that how the work gets done, while working alongside businesses to collaborate on growth and applying breakthrough innovations, that drive exponential impact, managed by teams specialized in their assigned industry sectors.
