About the Role We are looking for a Cybersecurity GRC Specialist to manage and optimize our Governance, Risk, and Compliance (GRC) platform. This role ensures compliance with regulatory frameworks, supports risk management processes, and drives continuous improvement of cybersecurity governance operations. Key Responsibilities Administer and maintain the Cyber Arrow GRC platform, including user accounts, roles, and permissions. Configure and optimize workflows, dashboards, and forms to meet business needs. Support risk assessments, control testing, and issue management. Maintain and update risk and control registers; track remediation actions. Facilitate compliance reviews and evidence collection for audits. Generate and distribute compliance, audit, and risk reports; maintain KPIs/KRIs dashboards. Act as first-line support for GRC tool issues; manage logging, tracking, and escalation. Provide onboarding and refresher training for users; maintain user guides. Align tool configuration with evolving regulatory and organizational requirements. Collaborate with stakeholders to gather requirements and recommend GRC process improvements. Conduct awareness sessions and workshops on governance, risk, and compliance concepts. Required Skills & Experience3–5 years in Cybersecurity Governance, Risk & Compliance (GRC) or IT Governance roles. Hands-on experience with GRC platforms (Cyber Arrow preferred). Strong understanding of risk management frameworks, compliance standards, and audit processes. Familiarity with Saudi cybersecurity regulations and NCA frameworks. Excellent analytical, reporting, and stakeholder communication skills. Preferred Qualifications Certifications: CISM, CRISC, ISO 27001 Lead Implementer, or equivalent. Experience in regulated environments (aviation, government, finance). Knowledge of ITSM processes and cybersecurity controls. Service Level Expectations (SLA) Critical issues: Response within 1 hour, resolution within 8 hours. High severity: Response within 4 hours, resolution within 24 hours. Medium severity: Resolution within 3 business days. Low severity: Resolution within 5 business days.