Deloitte
Senior Consultant - GRC Risk Assessor
- Permanent
- Riyadh, Saudi Arabia
- Experience 5 - 10 yrs
Job overview
Date posted
08/07/2025
Location
Riyadh, Saudi Arabia
Salary
SAR 20,000 - 30,000 per month
Compensation
Comprehensive package
Experience
5 - 10 yrs
Seniority
Senior & Lead
Qualification
Bachelors degree
Expiration date
22/08/2025
Job description
The Senior Consultant - GRC Risk Assessor will be responsible for conducting comprehensive cybersecurity risk assessments using the Client's risk management framework. The role includes identifying and analyzing external and internal threats to digital, physical, and infrastructure assets, assessing vulnerabilities, and developing mitigation plans through technical, procedural, and administrative controls. The consultant will evaluate vendors and contractors for cybersecurity compliance, assess RFPs and contractual terms, and deliver detailed documentation such as risk registers, security design reviews, and training materials. Proficiency in cloud security, container technologies such as Docker and Kubernetes, and a thorough understanding of both national (NCA) and international cybersecurity standards is essential. Strong communication skills are required for stakeholder engagement, knowledge transfer sessions, and report presentation.
Required skills
Key responsibilities
- Conduct cybersecurity risk assessments across infrastructure, digital platforms, and physical assets
- Identify, analyze, and document internal and external threats and vulnerabilities
- Develop action plans for mitigating identified risks using a combination of controls
- Assess security posture of vendors, contractors, and technology partners
- Evaluate RFPs and contractual documents to ensure cybersecurity controls are integrated
- Prepare and deliver cybersecurity risk registers, assessment reports, and architecture review documents
- Conduct knowledge transfer sessions, workshops, and develop related training materials
Experience & skills
- Minimum 5 years of experience in cybersecurity risk assessment
- Proficiency in evaluating cybersecurity risks and developing configuration baselines
- Knowledge of diverse technologies including payment systems, security solutions, cloud platforms, and containerization (Docker, Kubernetes)
- Strong understanding of NCA and international cybersecurity compliance requirements
- Excellent communication skills for reporting and stakeholder engagement
- Possession of strong relevant cybersecurity certifications