Cybersecurity GRC Consultant

Role Overview

Alalameya Group is looking for a Cybersecurity GRC Consultant to support its cybersecurity function with governance, risk management, and compliance work for clients. The role focuses on strengthening control frameworks, improving documentation, and helping ensure adherence to regulatory and industry expectations.

Key Responsibilities

• Evaluate how well current practices align with cybersecurity regulations, standards, and control requirements.
• Create, update, and manage cybersecurity policies, procedures, and related standards.
• Perform gap analyses and outline practical remediation actions.
• Assist with compliance programs tied to both local and international cybersecurity frameworks.
• Build and maintain risk registers as well as risk treatment plans.
• Contribute to internal and external audits, along with compliance review activities.

Requirements

• Hands-on background in Governance, Risk, and Compliance (GRC) or cybersecurity.
• Working knowledge of NCA Essential Cybersecurity Controls (ECC), ISO/IEC 27001, and the NIST Cybersecurity Framework (CSF).
• Experience carrying out cybersecurity risk assessments, compliance work, and audit support.
• Professional certifications such as ISO 27001 Lead Implementer, ISO 27001 Lead Auditor, CISA, CRISC, or CISM are strongly preferred.
• Strong documentation and report-writing skills in Arabic and English.

Additional Information

This opportunity is available only to Saudi nationals.

Location: Jubail Industrial City, Eastern Province, Saudi Arabia.

Interested candidates should submit their CV by email to the contact provided in the source listing.