Security Solution yst - Saudi Business Machines
Posted on :
17-09-2024
Employer Active
1 Vacancy
Job Alert
You will be updated with latest job alerts via emailValid email field required
Send jobs
Share
Send me jobs like this
Job Alert
You will be updated with latest job alerts via emailValid email field required
Send jobs
Monthly Salary
Not Disclosed
Salary Not Disclosed
Vacancy
1 Vacancy
Posted on :
17-09-2024
Job Description
The Security Solution Analyst will be responsible for establishing and maintaining cybersecurity governance frameworks policies and procedures ensuring compliance with cybersecurity laws regulations and industry standards. This role will oversee internal reviews manage GRC automation tools and coordinate external audits while providing regular reports to the Manager of GRC. The successful candidate will ensure alignment with best practices and security controls to protect the organization against cyber threats.
Detailed Responsibilities:
- Establish and maintain cybersecurity governance frameworks policies and procedures in compliance with the National Cybersecurity Authority (NCA) controls and other regulatory standards.
- Monitor and ensure compliance with cybersecurity laws such as the Personal Data Protection Law (PDPL) ISO 27001 and related industry standards.
- Review system configurations network settings and security controls to align with best practices and compliance requirements.
- Conduct internal compliance reviews and assessments to identify security gaps and recommend areas of improvement.
- Manage and optimize GRC automation tools to streamline compliance processes.
- Establish and manage controls attestation procedures ensuring that control owners validate the effectiveness of security measures.
- Develop and manage vendor security assessment processes and criteria to evaluate thirdparty cybersecurity practices.
- Provide regular reports to the Manager of GRC communicating security risks issues and mitigation strategies to stakeholders.
- Coordinate and support external audits and certification processes ensuring successful outcomes.
- Map relevant requirements to Information Security (IS) policies and control objectives creating a clear linkage between policies standards and controls.
- Ability to work on cloud security platforms such as Microsoft 365 and Azure and manage vulnerability assessments.
Skills:
- Strong understanding of cybersecurity governance and regulatory compliance frameworks.
- Proficiency in system configuration network security and security controls.
- Experience with GRC tools and automation technologies.
- Vendor risk management and assessment capabilities.
- Ability to conduct internal compliance reviews and coordinate external audits.
- Excellent communication and reporting skills with the ability to collaborate across teams.
Certifications:
- ISC2 Certified GRC
- Certified Information Systems Security Professional (CISSP)
- Certified Information Systems Auditor (CISA)
- SANS SEC566 Implementing and Auditing CIS Controls
- OSCP Offensive Security Certified Profession
More jobs on
Employment Type
Full Time
Key Skills
Report This Job
Disclaimer: Drjobpro.com is only a platform that connects job seekers and employers. Applicants are advised to conduct their own independent research into the credentials of the prospective employer.We always make certain that our clients do not endorse any request for money payments, thus we advise against sharing any personal or bank-related information with any third party. If you suspect fraud or malpractice, please contact us via contact us page.
