Cyber security GRC Specialist
Medgulf
Total years of experience: 1 year, 3 months
o Conducting risk assessments on IT/security solutions and ensuring their rules and security controls are implemented.
o Monitor and measure key performance indicators (KPIs) to assess and track the effectiveness, efficiency, and performance of various processes and controls within the organization.
o Assessing vendor risk across security and privacy through common processes and tools.
o Formulate an extensive awareness and training plan aimed at educating employees about cybersecurity risks.
o Record the findings of a risk assessment in a centralized risk register and initiate follow-up procedures to mitigate identified risks.
o Assist in the implementation of the SAMA (Saudi Arabian Monetary Authority) Cybersecurity Framework to ensure compliance and alignment with regulatory standards.
o Oversee the execution of cybersecurity policies, procedures, standards, and initiatives across the organization to enhance security posture and resilience.
o Conduct regular reviews of the cybersecurity risk register to identify emerging threats and vulnerabilities, and take proactive measures to address them.
o Implement an effective awareness and training program to educate employees about cybersecurity best practices and promote a culture of security awareness throughout the organization.