Specialist Governance Risk and Compliance

Overview

Oversee IT governance, risk, compliance, and audit functions per national standards.

Key Responsibilities

• security training
• compliance guidance
• audit management
• governance framework
• risk register
• incident handling

Tasks

Responsible for overseeing, assessing, and documenting Governance, Risks and Compliance requirements that specifically require intervention and participation from IT Department across its various Units. Provide highly skilled technical and functional expertise for development and implementation of the Cybersecurity GRC functions and Program. -Support security awareness and policy training programs for IT and business units. -Provide compliance guidance to application owners, system admins, and stakeholders. -Supervise in Work with Internal Audit Team and External Audit consultants as appropriate on required IT Assessments and Audits -Support the creation governance policies, procedures, and guidelines, SOP. -Review and validate the Access Review user for IT financial systems. -ISO/IEC 27001 Lead Implementer Auditor -Supervise all IT Audit Findings (Internal / External) and follow-up for closure in coordination with related IT Units and other Departments, HQ, Branches. -Comply with the standards and controls issued by the National Cybersecurity Authority (NCA), SDAIA, NDMO, in all relevant tasks and responsibilities. -Collaborate with various departments to implement and maintain governance frameworks. -Implement and uphold the security protocols to protect the well-being of all employees and company assets. -Perform regular control and Risk management, gap analysis on IT and cybersecurity controls. -Supervise and track all IT and Security related audits including scope of audits, timelines, and outcomes. -Supervise the detection of deviations from established security policies, procedures, and role mappings, analyse findings and report discrepancies to management for timely remediation. -Supervise & Assign tasks and issues related to Findings / Observations from Control Functions as required, monitor to ensure progress and timely completion. -Participate in internal and external assessments to ensure continual improvement of governance and compliance initiatives. -Supervise and monitor IT environments and related functions to ensure compliance with organizational policies and regulatory requirements. -Adhere to organizational policies and procedures to ensure compliance and maintain a productive work environment. -Prepare documentation and evidence for internal and external audits for NCA, ISO, PDPL, NDMO, SDAIA. -Supervise & Interact with Audit, Risk and Compliance Functions within NCA, i.e. First-Point-of-Contact for Control Functions within IT Unit. -Supervise & Maintain IT Risk Register and IT Risks appropriately in order to minimize impacts on IT operations, delivery of functionality, costs or timeframes. -Supervise & Prepare plans and ensure the completion of deliverables related to Findings as required. -Ensure incident handling aligns with policies and Procedures. -Supervise and monitor IT environments and related functions to ensure compliance with applicable security policies, standards, and regulatory requirements, including effective implementation of Segregation of Duties (SoD). -Supervises in Provide guidance, evaluation and advocacy on audit responses.

Requirements

• audit
• cybersecurity
• iso27001
• bachelor's
• certifications
• 3‑4 years

What You Bring

-Familiarity with audit and compliance report -Well versed with Laws and Regulations of National Cybersecurity Authority such as: NCA IT Governance Framework, NCA Cybersecurity Framework, (BCM) Framework, PDPL, ISO27001 -Bachelor's Degree Computer Science, IT or equivalent -Preferred Certifications in Risk and Information Systems Control -Experience in Quality and process improvements projects -3 – 4 years of relevant experience

People Also Searched For

About Al-Ayuni Investment And Contracting Company

-It operates from a 17,000 m² open-space HQ north of Riyadh. -It has developed capabilities across railways, buildings, water & power networks, gas, IT, mining, real estate, and more. -The company owns and operates precast production and marble-mining facilities, and delivers equipment operation and maintenance services. -It handles landmark projects such as expressways with multiple flyovers, city-wide utility networks, rail segments, and industrial site developments. -Recent ventures include strategic infrastructure for NEOM, road upgrades like Sharma–Tabuk, city-centre utilities in Jeddah, and Roshn’s Fulwa development.

Sector Specialisms