Location
Riyadh
Objective: To conduct cybersecurity risk assessments using Client risk management framework, ensuring the identification, analysis, and mitigation of security risks.
Responsibilities:
- Assess potential security risks across Client’s infrastructure, digital platforms, and physical assets.
- Identify external and internal threats, analyse vulnerabilities, and determine their impact on Client’s ecosystem.
- Develop action plans to address identified risks, including technical, procedural, and administrative controls.
- Evaluate the security posture of vendors, contractors, and technology partners involved in Client’s infrastructure and services.
- Review new projects RFPs and contractual controls to ensure cybersecurity controls.
- Provide necessary deliverables such as Cybersecurity Risk register, risk assessment reports, cybersecurity controls in RFPs and contracts, and security design and architecture review reports in PPT, Word, PDF, and Excel formats.
- Conduct knowledge transfer sessions and workshops and develop training materials.
Qualifications:
- Extensive experience in cybersecurity risk assessments and configuration baseline development.
- Knowledge of diverse technologies, including payment systems, security solutions, cloud security, containerization technologies (e.g., Docker, Kubernetes).
- Strong understanding of cybersecurity regulatory and compliance requirements (e.g., National Cybersecurity Authority (NCA) and international cybersecurity standards).
- Strong communication skills for coordinating with stakeholders, conducting knowledge transfer sessions, and presenting findings.
- Minimum of 5+ years of experience in cybersecurity risk assessment.
- Strong Relevant Certifications