Cybersecurity GRC Consultant

[cyberksa] is a leading provider of cybersecurity and risk management solutions. We are committed to helping organizations navigate the complex landscape of compliance, security, and risk.

Role Description

This is a full-time on-site role for a Cyber Security Engineer at Saud Cybersecurity Company (CYBER) located in Jeddah. The Cyber Security Engineer will be responsible for implementing security measures to protect the company's computer systems, networks, and data. They will also investigate and resolve security incidents, conduct vulnerability assessments, and develop security policies and procedures.

Responsibilities:

• Design, implement, and maintain cybersecurity architecture, ensuring the confidentiality, integrity, and availability of systems and data.
• Develop security policies, standards, and procedures to protect against cybersecurity threats and vulnerabilities.
• Monitor network traffic and system logs for signs of security incidents or breaches.
• Investigate and analyze security breaches to determine root causes and recommend remediation actions.
• Implement and manage intrusion detection/prevention systems and security information and event management (SIEM) tools.
• Conduct vulnerability assessments and penetration testing to identify and prioritize security weaknesses.
• Coordinate with system administrators and developers to remediate vulnerabilities in a timely manner.
• Stay current with emerging cybersecurity threats and vulnerabilities and implement proactive measures to mitigate risks.
• Manage user access controls and authentication mechanisms to ensure appropriate levels of access to systems and data.
• Implement multi-factor authentication, role-based access controls, and least privilege principles.
• Monitor and audit user access to detect and prevent unauthorized activities.
• Ensure compliance with relevant cybersecurity regulations, standards, and frameworks (e.g., NCA, GDPR, SAMA, ISO 27001).
• Conduct regular security assessments and audits to verify compliance with security policies and procedures.
• Prepare and maintain documentation for security certifications and audits.
• Develop and deliver cybersecurity awareness training programs for employees to promote security best practices.
• Provide guidance and support to employees on security-related issues and concerns.
• Develop and maintain incident response plans and procedures for cybersecurity incidents.
• Lead incident response efforts to contain and mitigate security incidents, working closely with cross-functional teams.
• Coordinate with external partners, such as law enforcement and incident response vendors, as necessary.

Requirements:

• Bachelor's degree in computer science, Information Security, or related field.
• 3 - 6 years of experience in Cybersecurity, including experience leading a team.
• Proven experience in cybersecurity engineering or related roles.