img
Contract TypeFull-time
Workplace typeOn-site
LocationRiyadh

Job Description

About the Role

ECOVIS Al Sabti, a member firm of the global ECOVIS International network, is seeking a Cybersecurity & GRC professional to join its team in Riyadh, Saudi Arabia. As part of an international consulting organization with a presence in over 95 countries, ECOVIS Al Sabti provides services including audit, assurance, financial advisory, enterprise risk management, and cybersecurity. The firm focuses on delivering tailored solutions by combining global expertise with local market insight. This role is integral to assisting clients in navigating the complexities of cybersecurity and governance, risk, and compliance.

This full-time position within the Riyadh Region offers an opportunity to contribute to the security posture of various clients. The role involves developing and implementing cybersecurity strategies, ensuring compliance with regulations and standards, and managing risks.

Key Responsibilities

  • Develop and maintain Cybersecurity policies, frameworks, and controls, aligning with local regulations such as NCA standards and the SAMA framework, and industry best practices including ISO 27001, NIST, and SOC 2.
  • Conduct risk assessments, gap analyses, and audits to identify vulnerabilities and ensure adherence to regulatory requirements.
  • Provide expert support to clients in managing cybersecurity risks, including third-party risk, project-specific risks, and vendor assessments.
  • Monitor and report on the effectiveness of security controls, key performance indicators (KPIs), and compliance posture through regular reviews.
  • Assist in driving security awareness initiatives, conducting tabletop exercises, and promoting continuous improvement in clients' cybersecurity programs.
  • Administer and monitor SIEM platforms to enhance log ingestion, refine correlation rules, and improve real-time threat detection for Security Operations Center (SOC) functions.

Qualifications and Requirements

  • A Bachelor's degree in Information Technology, Computer Science, Cybersecurity, or a related field.
  • A solid understanding of IT and Cybersecurity infrastructure systems.
  • A minimum of 2 to 5 years of relevant professional experience.
  • Proficiency in Microsoft Office Suite (Word, Excel, PowerPoint).
  • Demonstrated ability to work effectively in a team and adapt to a fast-paced work culture.

Required Skills and Competencies

  • Cybersecurity policy development and implementation
  • Frameworks and controls management (NCA, SAMA, ISO 27001, NIST, SOC 2)
  • Risk assessment, gap analysis, and auditing
  • Vulnerability identification and management
  • Regulatory compliance assurance
  • Cybersecurity risk management
  • Third-party risk management and vendor assessments
  • Security control monitoring and KPI reporting
  • Compliance posture monitoring
  • Security awareness training and tabletop exercises
  • Continuous improvement methodologies for security programs
  • SIEM platform administration and monitoring
  • Log ingestion and correlation rule development
  • Real-time threat detection
  • SOC operations support
  • IT and Cybersecurity infrastructure systems knowledge
  • Proficiency in Microsoft Office
  • Teamwork and collaboration
  • Adaptability to dynamic work environments

Additional Information

Certifications such as CISA, CISM, or CISSP are preferred. The role is based in Riyadh, Saudi Arabia, and is a full-time position. The required experience is between 2-5 years.


Requirements

  • Requires 2-5 Years experience

Similar Jobs