Division Head - Governance Risk Compliance

One of our prestigious clients in Kingdom of Saudi Arabia is looking to hire Division Head Governance Risk & Compliance (GRC).

JOB PURPOSE / OBJECTIVE:
Develop and implement business applications systems and procedures within recognized fields of Information Technology (IT) endeavors as detailed.

KEY ACCOUNTABILITIES:

• Enhance or develop cybersecurity GRC framework policies and procedures.

• Implement maintain and support cybersecurity GRC policies and procedures.

• Work with crossfunctional teams to assess security vulnerabilities and process deficiencies to develop effective mitigation strategies also track and provide remediation guidance for new projects services and/or thirdparty contracts in terms of information security assurance.

• Develop and maintain regular cybersecurity awareness training to ensure all staff members are knowledgeable with the organizations cybersecurity policies procedures and standards.
  
• Improve security positioning through process improvement policy automation and the continuous evolution of capabilities.

• Oversee highest risk initiatives and serve as a point of escalation for remediation/mitigation efforts.

• Develop and work on risk strategy that identifies and classifies risks defines appropriate tolerances prioritizes mitigation activities following the compliance.

• Consolidate Data analysis of important GRC risk information including the cyber risk register policy exceptions audit findings and data security reviews.

• Lead and manage Comprehensive Risk assessment and Risk action plans.

• Lead and manage NCA and other regulatory compliance requirements.

• Develop and mentor the GRC team members.

• Develop and manage project proposals resources and plans.

• Perform any other related duties as required or assigned.

QUALIFICATIONS & EXPERIENCE:

Education
Bachelor of Science (BS) OR bachelors degree in computer science Management Information Technology (MIS) Engineering Physical Sciences or equivalent.

Professional Qualifications (Certifications & Accreditations)
IT Industry Accredited and related certificate e.g. ITIL CCSP CEH CISA CISM.

Competencies (Knowledge Skills & Abilities)

• Proficient with Information security and GRC systems applications and tools

• Proficient with frameworks and standards associated with Information security/GRC such as ISO 27001 NIST ISO 38500 COBIT 5

• Familiar with frameworks and standards associated with IT like ITIL ISC 20000 etc.

• At least 3 years in Information security and GRC.
  

Languages
Thoroughly proficient in both verbal and written English

WORKING RELATIONS:

Internal Interactions
Frequent contact with Senior Analysts for direction and guidance and with customers for review and evaluation of application requirements.

External Interactions
Frequent contact with vendors for product information and Information Technology (IT) project status.

*This position is offered to Saudi National Candidates.

Remote Work :

No