- Develop, implement, and maintain cybersecurity policies, standards, and procedures in alignment with industry frameworks (e.g. NIST, ISO 27001).
- Conduct risk assessments and identify vulnerabilities, recommending appropriate controls and mitigation strategies.
- Ensure compliance with relevant data protection regulations (e.g. GDPR, CCPA) and industry-specific mandates.
- Manage and support internal and external audits related to cybersecurity and IT controls.
- Develop and deliver GRC awareness training programs for employees.
- Monitor the regulatory landscape for changes and update GRC frameworks accordingly.
- Collaborate with legal, IT, and business units to integrate GRC requirements into projects and operations.
- Track and report on the status of GRC initiatives and security posture to leadership.
- Support incident response efforts by ensuring compliance with established procedures.
- Evaluate and recommend GRC tools and technologies to improve efficiency and effectiveness.
Saudi Networkers Services
