Cybersecurity & GRC
ECOVIS Saudi Arabia (ECOVIS AL SABTI)
Riyadh Region • Vollzeit
Bewerben Sie sich als Erste/r!
- Erfahrung
- 2–5 yrs
- Gehalt
- —
- Stellenangebote
- 1
- Veröffentlicht
- vor 59 Minuten
Stellenbeschreibung
About the Company
ECOVIS Al Sabti is the Saudi Arabia member firm of ECOVIS International, a worldwide consulting network that originated in Continental Europe. The organization operates across 95+ countries with a team of more than 11,000 specialists, delivering services in audit, assurance, financial advisory, enterprise risk management, cybersecurity, business continuity, data management, technology, tax, and accounting. Its approach combines international expertise with practical local knowledge to provide tailored support to clients in a wide range of industries.
ECOVIS is known for its client-focused service model, high standards, and ability to help organizations meet strategic and operational objectives through customized solutions.
Role Overview
This position focuses on cybersecurity governance, risk, and compliance activities, along with support for security operations and client-facing risk management work.
Key Responsibilities
- Build, update, and sustain cybersecurity policies, control frameworks, and governance documentation in line with Saudi regulations and widely used standards such as NCA, SAMA, ISO 27001, NIST, and SOC 2.
- Perform risk reviews, control gap analyses, and compliance audits to uncover security weaknesses and measure regulatory alignment.
- Guide clients on cybersecurity risk handling, third-party risk, project-related security needs, and vendor evaluation exercises.
- Track security control performance, compliance indicators, and overall posture, then present findings through regular review reports.
- Help run security awareness initiatives, tabletop simulations, and ongoing improvements to client security programs.
- Operate and monitor SIEM tools to improve log collection, correlation logic, and live threat detection for SOC support activities.
Qualifications
- A bachelor’s degree in Information Technology, Computer Science, Cybersecurity, or a closely related discipline is required.
- Applicants should have a solid grasp of IT and cybersecurity infrastructure environments.
- Between 2 and 5 years of relevant professional experience is needed.
- Professional credentials such as CISA, CISM, or CISSP are considered an advantage.
- Good working knowledge of Microsoft Office applications, including Word, Excel, and PowerPoint, is expected.
- The role suits someone who works well in teams and can adapt to a fast-moving environment.
Additional Information
This is a full-time position based onsite in the Riyadh Region.