
Tadawul
Cybersecurity Governance Lead Specialist
- Permanent
- Riyadh, Saudi Arabia
- Experience 2 - 5 yrs
Job expiry date: 04/10/2025
Job overview
- Date posted: 20/08/2025
- Location: Riyadh, Saudi Arabia
- Salary: SAR 20,000 - 30,000 per month
- Compensation: Salary only
- Experience: 2 - 5 yrs
- Seniority: Experienced
- Qualification: Bachelor’s degree
- Expiration date: 04/10/2025
Job description
The Cybersecurity Governance Lead Specialist in Riyadh will oversee risk assessments, compliance, and governance activities to ensure that the organization’s cybersecurity strategy, policies, and practices align with regulations and business directives. Responsibilities include carrying out cybersecurity risk assessments, recognizing non-compliance patterns in documentation, reviewing policies and strategies, and evaluating the organization’s cybersecurity defense configurations. The role involves conducting vulnerability scans, security testing, code reviews, and supporting penetration testing initiatives. The specialist will ensure appropriate technologies are applied to meet cybersecurity and privacy requirements and will develop awareness training materials tailored to different audiences. The position requires collaboration across teams to prepare accurate reports, ensure compliance with standards, identify continuous improvement opportunities, and maintain high levels of customer satisfaction. Candidates must hold a bachelor’s degree in IT, Computer Science, or equivalent (master’s preferred) and have at least 3 years of experience in cybersecurity governance. CISSP certification or equivalent is preferred, along with strong knowledge of network security controls, risk management, operating system hardening, penetration testing, threat analysis, and relevant cybersecurity regulations.
Key responsibilities
- Carry out cybersecurity risk assessments for systems and assets
- Identify patterns of non-compliance with cybersecurity policies and improve documentation
- Periodically review cybersecurity strategy, policies, and documents for compliance with regulations
- Analyze defense policies and configurations to evaluate compliance with organizational directives
- Conduct vulnerability scanning on systems and assets
- Use security testing and code scanning tools to perform code reviews
- Conduct or support authorized penetration testing of infrastructure and assets
- Ensure appropriate technologies are deployed to meet privacy and cybersecurity requirements
- Develop or identify awareness training materials for intended audiences
- Prepare timely and accurate reports to meet departmental objectives
- Ensure satisfaction of internal and external stakeholders through responsive engagement
- Contribute to process improvement, cost effectiveness, and productivity initiatives
- Promote adherence to policies and procedures within the organization
- Maintain professional relationships and represent the company positively
Experience & skills
- Hold a bachelor’s degree in Information Technology, Computer Science, or equivalent (Master’s degree preferred)
- Possess at least 3 years of experience in cybersecurity governance
- Certified Information Systems Security Professional (CISSP) or equivalent certification preferred
- Have knowledge of network components and appropriate security controls
- Demonstrate understanding of risk assessment, mitigation, and management methods
- Be knowledgeable about cybersecurity threats, vulnerabilities, and their organizational impact
- Understand new technologies and their cybersecurity implications
- Be familiar with cybersecurity regulations and compliance requirements relevant to the Group
- Have expertise in system administration, network management, and operating system hardening
- Possess knowledge of cybersecurity data classification requirements
- Be proficient in penetration testing and red teaming principles, tools, and techniques