Cybersecurity Policy Officer
Khafji, Eastern Province, Saudi Arabia · À temps plein
Soyez le premier à postuler
- Expérience
- N'importe lequel
- Salaire
- —
- Ouvertures
- 1
- Publié
- il y a 9 heures
- Mode de travail
- Au bureau
- Éducation
- licence
- Admissibilité
- Professionals with a relevant degree or equivalent experience, strong English communication skills, and at least one of the listed security certifications can apply. Experience in cybersecurity governance, policy, risk, and compliance work is expected.
- CV
- Candidature requise
Votre lieu de travail
Description de l'emploi
Role overview
This position is for a cybersecurity policy professional based in Khafji, Eastern, Saudi Arabia. The role focuses on building and maintaining governance documents and helping the organization stay aligned with cybersecurity standards and compliance expectations.
Key responsibilities
- Create, update, and preserve cybersecurity policies, standards, procedures, and guidance documents.
- Track organizational alignment with cybersecurity frameworks, with a strong emphasis on the NIST Cybersecurity Framework (CSF).
- Carry out cybersecurity risk assessments and highlight opportunities to improve controls and practices.
- Work closely with IT and business stakeholders to put security controls into practice and keep them functioning effectively.
- Assist with both internal and external security audits as well as compliance-related programs.
- Keep pace with changing cyber threats, regulatory updates, and industry practices so that policy content stays relevant.
- Suggest and help roll out improvements to security governance that strengthen the overall security posture.
- Prepare reports, supporting documents, and presentations covering governance and compliance topics.
- Encourage security awareness across the organization by explaining cybersecurity policies and recommended best practices.
Qualifications and experience
- A bachelor's degree in Cybersecurity, Information Security, Computer Science, Information Technology, or a similar field; equivalent hands-on experience may also be accepted.
- Strong command of English, including clear written and spoken communication.
- At least one professional certification from CISSP, CISM, CRISC, or CISA.
- Practical familiarity with the NIST Cybersecurity Framework (CSF) and related security standards.
- Background in cybersecurity governance, policy creation, risk management, and compliance.
- Ability to perform risk assessments and advise on suitable security controls.
- Understanding of information security fundamentals, frameworks, and regulatory compliance requirements.
- Good analytical ability, documentation skills, and stakeholder communication skills.
- Experience working with cross-functional teams to implement and maintain cybersecurity policies.
Preferred background
- Exposure to other frameworks such as ISO/IEC 27001, COBIT, or PCI DSS is an advantage.
- Knowledge of IT risk management, audit procedures, and information security governance is beneficial.
- Experience in regulated sectors such as banking, finance, healthcare, telecommunications, or government is considered a plus.
Compétences
Collaboration interfonctionnelle
L'évaluation des risques
Communication avec les parties prenantes
Conformité réglementaire
Conformité en matière de sécurité
Policy Development
Documentation et rapports
Cybersecurity Governance
Information Security
Security Auditing
NIST Cybersecurity Framework
Security Controls