Back to jobs

Cybersecurity GRC Specialist

Riyadh, Riyadh, Saudi Arabia

We don’t think about job roles in a traditional way. We are anti-silo. Anti-career stagnation. Anti-conventional. 

Beyond ONE is a digital services provider radically reshaping the personalised digital ecosystems of consumers in high growth markets around the world. We’re building a digital services aggregator platform, with a strong telco foundation, and a profitable growth strategy that empowers users to drive their own experience—subscribe once, source from many, and only pay for what you actually use. 

Since being founded in 2021, we’ve acquired Virgin Mobile MEA, Friendi Mobile MEA and Virgin Mobile LATAM (with 6.5 million subscribers) and 1600 dedicated  colleagues across Chile, Colombia, KSA, Kuwait, Mexico, Oman and UAE. 

To disrupt for good takes a rebellious spirit, a questioning mind and a warm heart. We really care about how to get things done and not who manages who. We benefit from our diversity, and together, we disrupt the way we and others thinkin about our lives for good.  

Do you want to exchange ideas, learn from each other and leave your mark on our journey? This is the place for you. 

About the Role

A cybersecurity GRC (Governance, Risk, and Compliance) professional is responsible for designing, implementing, and overseeing the organization's cybersecurity governance, risk management, and compliance programs. This role includes, but not limited to, developing policies and procedures, conducting technical and IT risk assessments, monitoring and reporting on cybersecurity risks, and ensuring compliance with regulatory requirements (e.g. CRF, CSCC, ECC, NDMO)

What You Will Do

  • Developing and maintaining cybersecurity policies, standards, and guidelines
  • Conducting technical and digital risk assessments and identifying vulnerabilities in the organization's systems
  • Developing and implementing risk mitigation strategies and controls
  • Monitoring and reporting on cybersecurity risks and compliance issues
  • Working closely with IT and business stakeholders to ensure alignment of cybersecurity efforts with business objectives
  • Keeping up-to-date on cybersecurity trends and best practices
  • Develop and maintain risk register aligned with the risk management framework
  • Perform continuous follow ups, regular meetings and escalations to ensure risk closure
  • Providing guidance and training to staff on cybersecurity policies and procedures
  • Responsible for implementing and executing the security awareness program for employees.
  • Participating in incident response and post-incident reviews
  • Collaborating with external auditors to ensure compliance with regulatory requirements
  • Maintaining relationships with regulatory bodies and industry organizations to stay current on compliance requirements

What You Will Need

  • Bachelor’s degree in Computer Science, Information Technology or a related field
  • Certified Information Systems Security Professional (CISSP) or Certified Information Security Manager (CISM) certification preferred
  • Minimum of 5-8 years of experience in cybersecurity governance, risk management and compliance (GRC)
  • Strong knowledge of cybersecurity frameworks and standards such as NIST, ISO 27001, PCI DSS
  • Experience implementing and managing GRC tools and software
  • Strong analytical and problem-solving skills
  • Excellent communication and interpersonal skills
  • Ability to work effectively in a team environment and collaborate with cross-functional teams
  • Knowledge of regulatory requirements and compliance standards in the cybersecurity field.

 

What we offer:

  • Rapid learning opportunities - we enable learning through flexible career paths, exposure to challenging & meaningful work that will help build and strengthen your expertise.
  • Hybrid work environment - flexibility to work from home 2 days a week.
  • Healthcare and other local benefits offered in market.

Apply for this job

*

indicates a required field

Resume/CV*

Accepted file types: pdf, doc, docx, txt, rtf