Purpose

The Cybersecuity GRC Analyst is responsible for managing and implementing the Governance, Risk and Compliance (GRC) framework within the organization. This role ensures that cybersecurity practices comply with applicable regulations and industry standards while managing the cyber risks effectively

What to include:

       •           Govern the cybersecurity function for the organization

       •           Building the cybersecurity program for the organization

       •           Governance, Compliance, Risk and Awareness

Nature & Scope

Developing, applying and managing the cybersecurity mandates by the national authorities. It requires high level of soft-skills as employee will interface with BHIG management, internal teams, and BHIG customers to address the business needs and convene on applying it.

What to include:

       •           Cybersecuity Manager

       •           Office while working with all teams across the organization.

       •           Technical and non-technical assessments.

Principal Accountabilities:

• Have cybersecurity experience at Operational Technology/Industrial Control Systems.
• Expert in managing Cybersecurity Governance, Risk, and Compliance work.
• Expert in delivering cybersecurity assessments such as Compliance Assessment, Risk Assessment and Maturity Assessment.
• Knowledgeable in developing cybersecurity strategies and roadmaps to achieve both business and regulatory objectives.
• Expert in developing a robust cybersecurity program to protect the company assets and information.
• Expert in dealing with cybersecurity regulations, policies, and procedures (National, International, and internal).
• Have excellent soft skills in delivering cybersecurity awareness sessions and training programs to various audiences.
• Skilled to develop, maintain and update various cybersecurity reports & indicators (weekly, monthly, quarterly, annual)
• Stays up to date in newly cybersecurity developments (regulations update, new technologies rollout, cyber threat landscape news)

Skills

Minimum Requirements and Qualifications

What to include:

       Bachelor’s degree in cybersecurity, computer science or relevant fields.

• Cybersecurity professional certificates, preferably:          
• CompTIA Security+
• Certified Governance Risk and Compliance (CGRC)
• Very good English language skills in written and verbal communications
• Saudi nationality is a must.
• Minimum 4 years in relevant experience