Submitting more applications increases your chances of landing a job.

Here’s how busy the average job seeker was last month:

Opportunities viewed

Applications submitted

Keep exploring and applying to maximize your chances!

Looking for employers with a proven track record of hiring women?

Click here to explore opportunities now!
We Value Your Feedback

You are invited to participate in a survey designed to help researchers understand how best to match workers to the types of jobs they are searching for

Would You Be Likely to Participate?

If selected, we will contact you via email with further instructions and details about your participation.

You will receive a $7 payout for answering the survey.


User unblocked successfully
Mohammed ALSUBAYT, Cybersecurity GRC Specialist

Mohammed ALSUBAYT

Cybersecurity GRC Specialist·Diriyah Company

Saudi Arabia

High school or equivalent, Managing Risk in the Information Age

Work experience

Total years of experience: 4 years, 2 months

Cybersecurity GRC Specialist

December 2024 - Present

Diriyah Company

Riyadh, Saudi Arabia

December 2024 - Present

• Lead and manage compliance activities across NCA cybersecurity frameworks (ECC, CCC, TCC,
CSCC, OSMACC, and DCC), assess the organizations cybersecurity posture, and ensure alignment
with ISO/IEC 27001 and NIST CSF 2.0.
• Perform cybersecurity risk assessments, develop mitigation strategies, maintain risk registers, and
support risk treatment planning based on NCA Cybersecurity Risk Management requirements and
ISO/IEC 27005.
• Develop, review, and enforce cybersecurity policies, standards, and procedures aligned with
organizational objectives, regulatory requirements, and cybersecurity governance best practices.
• Support internal and external audits by coordinating evidence collection, validating control
implementation, and tracking remediation activities.
• Facilitating and supporting internal and external audits, including evidence collection and audit
follow-ups.
• Communicate cybersecurity risks, compliance status, and remediation progress to business
stakeholders and support strategic cybersecurity initiatives.
• Support cybersecurity awareness initiatives and promote security best practices across the
organization.
• Track corrective actions and compliance remediation plans to support regulatory readiness and
improve overall cybersecurity posture.

Company industry:
Facilities & Property Management
Job role:
Information Technology

Cybersecurity GRC Specialist

May 2024 - December 2024

Semi Government Authority

Riyadh, Saudi Arabia

May 2024 - December 2024

• Establishing and enforcing corporate governance policies and frameworks.
• Ensuring adherence to local and international legal and regulatory standards.
• Designing and implementing compliance policies and procedures.
• Delivering training and awareness sessions on compliance obligations.
• Promoting GRC awareness among employees and stakeholders.
• Compiling and presenting GRC reports to senior management and the board.

Company industry:
Distribution, Supply Chain & Logistics
Job role:
Information Technology

Cybersecurity Analyst – Cybersecurity GRC Specialist

March 2023 - May 2024

SAMI- Advanced Electronics

Riyadh, Saudi Arabia

March 2023 - May 2024

o Analyzing security logs for unusual behavior and potential security problems.
o Responding promptly to cybersecurity incidents, conducting investigations to identify the root cause, containing the incident, and implementing remediation measures to prevent recurrence.
o Documenting security incidents, investigations, and remediation activities in detail, and preparing reports and presentations to communicate findings, recommendations, and metrics to management and stakeholders.
o Conducting regular risk assessments to identify potential risks.
o Developing and monitoring key performance indicators (KPIs) for GRC activities.
o Developing and implementing corporate governance policies and frameworks. o Conducting periodic reviews and updates of governance structures and processes. o Conducting risk assessments and developing risk mitigation plans. o Ensuring compliance with local and international laws, regulations, and standards. o Developing and implementing compliance policies and procedures. o Providing training and awareness programs on compliance requirements. o Raising awareness of GRC issues among employees and stakeholders. o Preparing and presenting GRC reports to senior management and the board

Company industry:
Industrial Production
Job role:
Information Technology

Advanced Data Analysis & AI Intern

January 2022 - October 2022

Saudi Central Bank

Riyadh, Saudi Arabia

January 2022 - October 2022

• Developed modules for data analysis and insights generation.
• Implemented machine learning and deep learning techniques to solve complex problems.
• Redesigned application interfaces to enhance user experience and functionality.

Company industry:
Financial Services

Education

Harvard University

January 2024

January 2024

High school or equivalent, Managing Risk in the Information Age

United States

King Saud University

October 2022

October 2022

Bachelor's degree, Bachelor's degree in Software Engineering

Saudi Arabia

King Saud University

January 2022

January 2022

Bachelor's degree, هندسة برمجيات

Saudi Arabia

King Saud University

January 2022

January 2022

Bachelor's degree, Software Engineering

Saudi Arabia

King Saud University

January 2022

January 2022

Bachelor's degree, Engineering

Saudi Arabia

Skills

IT Governance
Expert
IT Governance
Expert
Operation
Expert
Operation
Expert
SIEM Qradar
Expert
SIEM Qradar
Expert
Analysis
Expert
Analysis
Expert
Cyber Security
Expert
Cyber Security
Expert
DIGITAL FORENSICS
Intermediate
DIGITAL FORENSICS
Intermediate
FIREBASE
Beginner
FIREBASE
Beginner
COMPLIANCE REPORTING
Intermediate
COMPLIANCE REPORTING
Intermediate
RISK ANALYSIS
Intermediate
RISK ANALYSIS
Intermediate
SECURITY POLICIES
Intermediate
SECURITY POLICIES
Intermediate
RISK MITIGATION
Intermediate
RISK MITIGATION
Intermediate
ARTIFICIAL INTELLIGENCE
Intermediate
ARTIFICIAL INTELLIGENCE
Intermediate
PROJECT RISK MANAGEMENT
Intermediate
PROJECT RISK MANAGEMENT
Intermediate
C (PROGRAMMING LANGUAGE)
Expert
C (PROGRAMMING LANGUAGE)
Expert
MACHINE LEARNING
Beginner
MACHINE LEARNING
Beginner
VULNERABILITY
Intermediate
VULNERABILITY
Intermediate
JAVA (PROGRAMMING LANGUAGE)
Beginner
JAVA (PROGRAMMING LANGUAGE)
Beginner
Splunk
Intermediate
Splunk
Intermediate
GRC
Intermediate
GRC
Intermediate
RISK MANAGEMENT
Expert
RISK MANAGEMENT
Expert
OPERATION CENTERS
Intermediate
OPERATION CENTERS
Intermediate
CERTIFIED ETHICAL HACKER
Beginner
CERTIFIED ETHICAL HACKER
Beginner
PROBLEM SOLVING
Expert
PROBLEM SOLVING
Expert
PYTHON (PROGRAMMING LANGUAGE)
Expert
PYTHON (PROGRAMMING LANGUAGE)
Expert
CORPORATE GOVERNANCE
Expert
CORPORATE GOVERNANCE
Expert
INTERNATIONAL LAWS
Expert
INTERNATIONAL LAWS
Expert
GOVERNANCE
Expert
GOVERNANCE
Expert
MITIGATION
Expert
MITIGATION
Expert
LEADERSHIP
Expert
LEADERSHIP
Expert
CYBER GOVERNANCE
Intermediate
CYBER GOVERNANCE
Intermediate
CYBER SECURITY
Intermediate
CYBER SECURITY
Intermediate
CYBER SECURITY ASSESSMENT
Intermediate
CYBER SECURITY ASSESSMENT
Intermediate
EXTERNAL AUDITING
Intermediate
EXTERNAL AUDITING
Intermediate
GOVERNANCE RISK MANAGEMENT AND COMPLIANCE
Intermediate
GOVERNANCE RISK MANAGEMENT AND COMPLIANCE
Intermediate
INFORMATION ASSURANCE
Intermediate
INFORMATION ASSURANCE
Intermediate
INTERNAL AUDITING
Intermediate
INTERNAL AUDITING
Intermediate
REGULATORY COMPLIANCE
Intermediate
REGULATORY COMPLIANCE
Intermediate

Languages

Arabic

Native Speaker

English

Expert

Training and Certifications

Certifications
Junior Penetration Tester (eJPTv2).
Digital Forensics Professional (eCDFP).
Threat Hunting Professional (eCTHP).
GRC Auditor (GRCA).
GRC Professional (GRCP).
Certified Ethical Hacker (CEHv12).
GIAC Strategic Planning, Policy, and Leadership (GSTRT)
ISO27001 Lead Implementer.
ISO27001 Lead Auditor.
Risk and Information Systems Control (CRISC).
Cybersecurity: Managing Risk in the Information Age
CRISC
Aug 2024
ISO 27001 Lead Implementer
Aug 2023
ISO 27001 Lead Auditor
CEHv12
Dec 2023
eJPTv2
Aug 2023

Training
Security+
Ministry of communication
Nov 2022

Hobbies and interests

Digital Arts