Cyber Security GRC Specialist
Confidential
Total years of experience :2 years, 4 Months
• Working on SAMA framework to help SMEs to acquire the license to operate.
• Ensures that our clients comply with the regulatory requirements with respect to any changes
or updates in cybersecurity laws in Saudi Arabia.
• Working on BC and DR Plans for our clients.
• Working on developing and implementing ISMS Documents.
• Assist in the identification and evaluation of Cyber Security risks and threats, and work with / guide the relevant stakeholders in mitigating identified risks.
• Applying CSF by SAMA, and collect the evidences.
• Ensure that all corrective actions are performed.
• Lead the information security compliance framework, ensuring client activities, processes, and procedures meet defined requirements, policies, and regulations.
• Develop a cybersecurity awareness program and plan, as well as liaise with respective business units and external vendors.
• Oversee the cybersecurity strategy and ensure achieving the short and long term strategic objectives.
• Monitor the client's information risk profile and risk appetite to achieve an optimal balance between business risk and opportunity.
• Worked on internal/external audit experience.
• Worked on SAMA controls and framework.
• Worked on periodic reviews and update the IT security policies and authorized roles.
• Worked closely with the security awareness, phishing simulation, and training program.
With second class honor