Security & Compliance Lead (Project-Based / Contractual)

Language: English (professional), Arabic beneficial

Role Overview

We are seeking a Mid-Level Security & Compliance Lead for a project-based engagement. The role will start upon project award and is limited to the project duration. The lead will ensure cybersecurity controls, regulatory compliance, and risk management for the project, aligned with NCA, NDMO, and organizational standards.

Key Responsibilities

• Implement and maintain cybersecurity controls to protect project systems and data.
• Ensure compliance with Saudi regulations, including NCA and NDMO guidelines.
• Identify, assess, and manage security and compliance risks throughout the project lifecycle.
• Develop and maintain security policies, procedures, and documentation.
• Collaborate with IT, DevOps, and project teams to integrate security and compliance into workflows.
• Monitor, report, and respond to security incidents, vulnerabilities, and audit findings.
• Support internal and external audits related to cybersecurity and compliance.

Skills

• 3–6 years’ experience in cybersecurity, risk management, or IT compliance.
• Knowledge of NCA, NDMO, and Saudi cybersecurity regulations.
• Experience implementing and managing cybersecurity controls, policies, and audits.
• Familiarity with risk assessment frameworks and mitigation strategies.
• Strong problem-solving and analytical skills in security and compliance contexts.
• Excellent communication skills to collaborate with technical teams and stakeholders.
• Relevant certifications (e.g., CISSP, CISM, ISO 27001 Lead Implementer) are a plus.

Engagement Model

• Project-based / contractual role
• Engagement begins upon project award and continues for the project duration
• Full-time commitment during active project phases