An exciting opportunity is available for Specialist II, IT Security GRC, located in Riyadh.
Report to: Section Head, Security Assurance & Aware
Job Summary:
The position helps Tasnee implement, facilitate, and maintain compliance with ISO27001, local cybersecurity regulations, and KSA NCA requirements. Compliance with the standard is achieved by developing or maintaining an information security management system (ISMS). This covers information security (IS) objectives, IS risk management and development of ISMS roles & responsibilities, controlling documentation, controlling records, ISMS performance evaluation, IS internal & external audits, IS management review, and the continual improvement of the ISMS.
Role responsibilities:
- Lead and manage the development and maintenance of information security management policies and procedures.
- Drive information security upgrade and continuous improvement projects.
- Develop and maintain a risk register and risk management framework.
- Perform internal audits for information security and service management systems.
- Lead and manage the development of service continuity plans and their related policies and procedures.
- Work as a process manager for one or more SMS and ISMS processes.
- Host, coordinate and facilitate IT-related external and third-party audits.
- Control ISMS documentation and records.
- Lead or coordinate corrective and preventive actions arising from major incidents, audit findings, or any other means.
- Produce and maintain ISO27001-required documents and records.
- Conduct and manage IT Disaster Recovery Exercise.
Qualifications and Requirements:
- Bachelor’s degree in Computer Science or Information System.
- Experience: 4+ years
- Certified Information Security Manager – CISM / Certified Information Security
- Good knowledge of information security management policies & procedures and ISO27001
- Fair knowledge of COBIT and ISO20000 is a plus
- Hands-on experience in implementing and maintaining an information security management system
- Negotiation / Communication Skills
- Planning and Organizing
- English Fluency (written & spoken)
Job Segment: Information Security, Risk Management, Computer Science, Technology, Finance