hireejobsgulf

Director of Information Security - GRC

1.00 to 10.00 Years   Saudi Arabia   17 Jun, 2026
Job LocationSaudi Arabia
EducationNot Mentioned
SalaryNot Mentioned
IndustryDirector of Information Security - GRC
Functional AreaNot Mentioned

Job Description

The Director of Information Security ? GRC will lead the design, implementation and continuous improvement of the organization?s governance, risk and compliance programs across Saudi Arabia. This role requires strategic oversight of multiple regulatory frameworks, stakeholder engagement at board and executive levels, and the leadership of a high-performing GRC team to ensure robust information security posture and regulatory alignment.Responsibilities:Develop and maintain an integrated information security governance framework aligned with ISO 27001, NIST CSF, COBIT, NCA ECC and SAMA CSFDrive risk management processes, including identification, assessment, treatment and reporting of information security risksOversee compliance monitoring activities to ensure adherence to GDPR, PDPL and relevant local regulationsLead audit response efforts, coordinate internal and external audits, and ensure timely remediation of findingsManage third-party assurance and vendor risk assessments to uphold security standards across the supply chainProvide strategic counsel and regular reporting to the Board of Directors and executive leadership on GRC metrics, trends and initiativesEngage with regulatory bodies, including SAMA and NCA, to interpret requirements and influence regulatory developmentsRecruit, mentor and develop a skilled GRC team fostering a culture of accountability and continuous improvementCollaborate with cross-functional teams to integrate GRC principles into business processes and technology initiativesRequired Qualifications:12?18 years of progressive experience in information security governance, risk and complianceProven technical expertise with ISO 27001, NIST CSF, COBIT, NCA ECC and SAMA CSF frameworksIn-depth knowledge of GDPR and PDPL requirementsDemonstrated experience in cybersecurity governance and enterprise risk managementStrong background in compliance monitoring, audit response and third-party assuranceExcellent team leadership skills with experience managing multidiscipline security teamsExceptional communication skills, with proven ability to present to board members and senior executivesExperience engaging with regulatory authorities in the Middle East regionPreferred Qualifications:Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM) or CRISCISO 27001 Lead Auditor or Implementer certificationPrior experience in Saudi Arabian financial services or regulated industriesAdvanced degree in Information Security, Cybersecurity, Risk Management or related fieldFluency in ArabicExperience leading GRC initiatives during major digital transformation programs

Keyskills :

APPLY NOW

Related Jobs

© 2023 HireeJobsGulf All Rights Reserved