Security GRC Consultant

Posted 19 October 2023
Salary 20-30K SAR p/m and benefits
Location Saudi Arabia
Job type Permanent
Discipline InfoSec & Cybersecurity
Contact Name Brett Lockett

Job description

The Security GRC Consultant is responsible for successful engagement with the business development team, support in the development of opportunities, presales activities, and the successful delivery and completion of consultancy projects related to governance, risk and compliance services within the defined budget and timeline.

This includes tasks related to third party cybersecurity risk management, data classification consulting, business impact analysis, risk assessments and treatment planning, effectiveness measurements, development of policies and procedures, awareness presentations, and any other documentation to achieve compliance with the intended standards or compliance requirements within the KSA market.


  • Hands-on delivery of strategic consultancy projects related to but not limited to third party cybersecurity risk management, SOC consulting, data classification, ISO/IEC 270XX, ISO 22301, ISO/IEC 20000-1, NCA, SAMA, and CITC standards/regulations/requirements.

  • Conduct presales and sales enablement activities in relation to the identified consulting services.

  • Interface with management for project-related matters.

  • Gaining familiarity with the technical products in the portfolio and guiding staff in integrating this knowledge into the management system consultancy.

  • Supporting the standardization activities.

  • Identifying own areas of work and further developing existing work areas in strategic security consulting.

Qualification and Skills

  • A native Arabic speaker will be preferred.

  • Minimum of 8 years of working experience in the KSA market in a similar capacity.

  • Hands-on working experience in relation to third party cybersecurity risk management project execution.

  • Excellent working knowledge of the following: SOC consulting, ISO/IEC 270XX, ISO 22301, ISO/IEC 20000-1, NCA, SAMA CSF, and CITC standards/regulations/requirements.

  • Hands-on experience in delivering project activities related to the above.

  • Excellent consulting skills; strong customer and business focus.

  • University degree in a technical subject related to IT and/or Information Security.

  • Track record in supporting presales and sales activities related to consulting services.

  • Track record in implementing cybersecurity-related frameworks.

  • Good communication and interpersonal skills.

  • Industry professional certifications such as CISSP, CISM, and CISA are desirable.

If this sounds like you, submit an application today!