Deloitte

Senior Consultant - GRC Risk Assessor

Permanent
Riyadh, Saudi Arabia
Experience 5 - 10 yrs

Apply now

Report job as expired

Job expiry date: 22/08/2025

Return to jobs page

Job overview

Date posted
08/07/2025
Location
Riyadh, Saudi Arabia
Salary
SAR 20,000 - 30,000 per month
Experience
5 - 10 yrs
Seniority
Senior & Lead
Qualification
Bachelors degree
Expiration date
22/08/2025

Job description

The Senior Consultant - GRC Risk Assessor will be responsible for conducting comprehensive cybersecurity risk assessments using the Client's risk management framework. The role includes identifying and analyzing external and internal threats to digital, physical, and infrastructure assets, assessing vulnerabilities, and developing mitigation plans through technical, procedural, and administrative controls. The consultant will evaluate vendors and contractors for cybersecurity compliance, assess RFPs and contractual terms, and deliver detailed documentation such as risk registers, security design reviews, and training materials. Proficiency in cloud security, container technologies such as Docker and Kubernetes, and a thorough understanding of both national (NCA) and international cybersecurity standards is essential. Strong communication skills are required for stakeholder engagement, knowledge transfer sessions, and report presentation.

Required skills

cybersecurity risk assessment

risk management framework

vulnerability analysis

cybersecurity controls

security design and architecture review

vendor security evaluation

cloud security

containerization technologies

Docker

Kubernetes

National Cybersecurity Authority (NCA) compliance

cybersecurity regulations

cybersecurity training development

risk register creation

PPT reporting

Excel analysis

contractual cybersecurity control review

Key responsibilities

Conduct cybersecurity risk assessments across infrastructure, digital platforms, and physical assets
Identify, analyze, and document internal and external threats and vulnerabilities
Develop action plans for mitigating identified risks using a combination of controls
Assess security posture of vendors, contractors, and technology partners
Evaluate RFPs and contractual documents to ensure cybersecurity controls are integrated
Prepare and deliver cybersecurity risk registers, assessment reports, and architecture review documents
Conduct knowledge transfer sessions, workshops, and develop related training materials

Experience & skills

Minimum 5 years of experience in cybersecurity risk assessment
Proficiency in evaluating cybersecurity risks and developing configuration baselines
Knowledge of diverse technologies including payment systems, security solutions, cloud platforms, and containerization (Docker, Kubernetes)
Strong understanding of NCA and international cybersecurity compliance requirements
Excellent communication skills for reporting and stakeholder engagement
Possession of strong relevant cybersecurity certifications

Apply now

Return to jobs page

Share this posting