Grc Consultant

Description:

Key Responsibilities:
Implement, monitor, and maintain GRC programs aligned with SAMA Cybersecurity Framework and NCA Essential Cybersecurity Controls (ECC)
Conduct gap assessments, risk assessments, and define mitigation strategies
Develop and review policies, procedures, and controls for compliance and cybersecurity governance
Coordinate with stakeholders to ensure regulatory compliance reporting
Support internal and external cybersecurity audits
Deliver training and awareness sessions on cybersecurity policies and controls
Track and report risk treatment plans and compliance status

🎯 Required Skills & Qualifications:
3–5 years of hands-on experience in GRC consulting
Proven track record with SAMA CSF and NCA ECC implementation or assessment
Strong knowledge of risk management, cybersecurity governance, and compliance frameworks
Familiarity with standards such as ISO 27001, NIST, COBIT is a plus
Excellent communication and stakeholder management skills
Arabic language proficiency is a plus