Share this Job
Apply now »

Specialist, IT security GRC Job

Work Location:  KSA > Riyadh



An exciting opportunity is available for Senior Professional I, IT Compliance, based in Riyadh and will reports directly to Head of Security Governance, Risk & Compliance,


About the role: 

The position helps Tasnee in implementing, facilitating and maintaining ISO27001 and local cybersecurity regulations and requirements. Compliance to the standard by developing or maintaining an information security management system (ISMS). This covers areas like: information security (IS) objectives, IS risk assessment, IS risk treatment, IS risk management, develop ISMS roles & responsibilities, controlling documentation, controlling records, ISMS performance evaluation, IS internal & external audits, IS management review and the continual improvement of ISMS.

In this role, you will be responsible of:   

  • Lead and manage the development and maintenance of information security management policies and procedures
  • Drive information security upgrade and continuous improvement projects.
  • Develop and maintain a risk register and risk management framework.
  • Perform internal audits for information security and service management systems
  • Lead and manage the development of service continuity plans and its related policies and procedures
  • Develop information security awareness materials to be send to all Tasnee employees
  • Work as a process manager for one or more of SMS and ISMS processes
  • Host, coordinate and facilitate IT related external and third-party audits.
  • Control ISMS documentation and records
  • Lead or coordinate corrective and preventive actions post to major incidents, audit findings or any other means.
  • Produce and maintain ISO27001 required documents and records

About You:

Minimum Qualification and Experience:

  • Bachelor’s degree in computer engineering, or related discipline.
  • 3+ years of relevant experience
  • Certified Information Security Manager CISM / Certified Information Security Auditor - CISA is a plus.

Job Specific Skills:

  • Good knowledge of information security management policies & procedures and ISO27001
  • Hands on experience in implementing and maintaining an information security management system
  • Negotiation / Communication Skills
  • Planning and Organizing


At Tasnee we value the contribution of all our people in making us a leading organization. We invest in employee development and we provide a wide range of career opportunities, offering everyone the chance to broaden their experience and build a professionally rewarding career as we work together to deliver innovative solutions for our customers.

Apply now »