The Cigna Group
Cybersecurity GRC Senior Analyst
- Permanent
- Riyadh, Saudi Arabia
- Experience 5 - 10 yrs
- Urgent
Job overview
Date posted
26/05/2025
Location
Riyadh, Saudi Arabia
Salary
SAR 20,000 - 30,000 per month
Compensation
Comprehensive package
Experience
5 - 10 yrs
Seniority
Senior & Lead
Qualification
Bachelors degree
Expiration date
10/07/2025
Job description
Cigna is hiring a Cybersecurity GRC Senior Analyst in Riyadh to support the implementation and oversight of Cybersecurity Governance, Risk, and Compliance (GRC) initiatives and lead the Business Continuity Management (BCM) program in alignment with SAMA’s CSF and BCM Frameworks. The role requires a strong mix of technical expertise and communication skills to assess risk, support compliance initiatives, develop continuity strategies, and engage internal and external stakeholders. It offers hybrid work flexibility, international exposure, and a role in an organization recently certified as a 'Great Place to Work'.
Required skills
Key responsibilities
- Lead implementation and maintain continuous compliance with SAMA Cyber Security Framework
- Develop and update cybersecurity policies, standards, and procedures
- Conduct risk assessments and gap analyses for cyber and business continuity risks
- Track remediation efforts for compliance gaps
- Prepare documentation and reports for audits and regulatory reviews
- Develop and maintain a BCM program aligned with SAMA BCM Framework
- Conduct BIAs and establish RTOs/RPOs for critical business processes
- Create and execute BCPs and DRPs
- Design and facilitate BCM training programs and testing exercises
- Develop and deliver awareness sessions and educational materials on BCM and cybersecurity
- Prepare compliance and risk status reports for senior management and regulators
- Coordinate with internal teams, auditors, and external regulators to ensure compliance and effective risk management
Experience & skills
- Bachelor’s or Master’s degree in Information Security, Cybersecurity, or related field
- 5+ years of experience in cybersecurity governance, risk, and compliance
- Certifications such as CISSP, CISM, CRISC preferred
- Strong knowledge of SAMA Cyber Security Framework and BCM Framework
- Experience conducting risk assessments, gap analyses, and developing BCP/DR plans
- Strong written and verbal communication skills in Arabic and English
- Ability to develop and deliver compliance training and awareness sessions
- Understanding of regulatory frameworks in the KSA insurance industry
- Experience managing audits and preparing regulatory compliance documentation