Closed or Expired Job Posting This job posting is closed or has expired and is no longer open for applications.


GRC Specialist Professional

Riyadh, Saudi Arabia Posted 2019/03/11 06:59:56 Expires 2019-03-26 Ref: JB1100001150

Functional responsibilities

  1. Implement the Security Risk Assessment methodology, policy, and process.
  2. Perform hands-on gap or risk assessments to identify significant information security risks (including applications, systems, data centers, and infrastructure and vendor security risk assessments) to determine the organizational risk posture.
  3. Analyze vulnerability/threat pairs across Mobily platforms, determine the level of risk they represent, documenting the discoveries, and recommendation of effective controls
  4. Update the risk register, notify appropriate stakeholders, meet with business leaders where necessary, and help to drive risk to an acceptable level throughout Mobily
  5. Monitor the company’s information security risk profile and risk appetite to achieve optimal balance between business risk and opportunities.
  6. Ensure proper treatment of reported information security risks by reviewing risk mitigation plans, following up on risk mitigation activities, and escalating non-mitigated risks.
  7. Verify that planned risk response measures are implemented and information security requirements derived from/traceable to organizational missions/business functions, government legislation, directives, regulations, policies, and standards, and guidelines, are satisfied.
  8. Coordinate, monitor, and report the progress of IS risk remediation activities, resulting from oversight and monitoring processes.
  9. Develop and maintain current and complete IS risk profiles for all information systems, including software, devices, and infrastructure.
  10. Monitor compliance with Mobily’s policies, standards, guidelines and procedures
  11. Proactively manage the firm’s ISO 27001:2013 Information Security Management System ensuring continual compliance and ongoing eligibility for annual recertification
  12. Recommend changes/enhancements to Mobily policy based upon the evolving threat landscape
  13. Build and maintain knowledge repository to facilitate audits, knowledge transfer and sharing. , Coordinate third party technical risk assessments and related audit activity
  14. Manage expectations and requests of internal and external auditors, incl. the establishment of a programme of audit and verification of compliance with both industry standards and the assurance framework in cooperation with the internal audit team. Promote and maintain security standards, policies and procedures, also by conducting security training and distributing security governance documents (covering end-to-end security) on a regular basis in order to ensure that employees have high awareness of and are prepared for security-related issues.
  15. Conduct Periodic compliance reviews against regulatory Information Security requirements and internal Policies, procedures and standards.
  16. Perform other duties as required bu higher levels of supervision.


in computer science/engineering, management information systems (MIS), or a related technical degree

Job Details

Job Location Riyadh, Saudi Arabia
Job Role Information Technology
Employment Type Employee
Number of Vacancies 1

Preferred Candidate

Career Level Mid Career
Years of Experience Min: 5
Nationality Saudi Arabia
Degree Bachelor's degree

Similar Jobs

Loading ...

This website uses cookies to ensure you get the best experience on our website. Read more