Cybersecurity Policy Officer
Khafji, Eastern Province, Saudi Arabia · Tempo pieno
Sii il primo a candidarti
- Esperienza
- Qualsiasi
- Stipendio
- —
- Aperture
- 1
- Pubblicato
- 10 ore fa
- Modalità di lavoro
- In ufficio
- Istruzione
- laurea
- Requisiti di ammissibilità
- Professionals with a relevant degree or equivalent experience, strong English communication skills, and at least one of the listed security certifications can apply. Experience in cybersecurity governance, policy, risk, and compliance work is expected.
- Riprendere
- È necessario candidarsi
Dove lavorerai
Descrizione del lavoro
Role overview
This position is for a cybersecurity policy professional based in Khafji, Eastern, Saudi Arabia. The role focuses on building and maintaining governance documents and helping the organization stay aligned with cybersecurity standards and compliance expectations.
Key responsibilities
- Create, update, and preserve cybersecurity policies, standards, procedures, and guidance documents.
- Track organizational alignment with cybersecurity frameworks, with a strong emphasis on the NIST Cybersecurity Framework (CSF).
- Carry out cybersecurity risk assessments and highlight opportunities to improve controls and practices.
- Work closely with IT and business stakeholders to put security controls into practice and keep them functioning effectively.
- Assist with both internal and external security audits as well as compliance-related programs.
- Keep pace with changing cyber threats, regulatory updates, and industry practices so that policy content stays relevant.
- Suggest and help roll out improvements to security governance that strengthen the overall security posture.
- Prepare reports, supporting documents, and presentations covering governance and compliance topics.
- Encourage security awareness across the organization by explaining cybersecurity policies and recommended best practices.
Qualifications and experience
- A bachelor's degree in Cybersecurity, Information Security, Computer Science, Information Technology, or a similar field; equivalent hands-on experience may also be accepted.
- Strong command of English, including clear written and spoken communication.
- At least one professional certification from CISSP, CISM, CRISC, or CISA.
- Practical familiarity with the NIST Cybersecurity Framework (CSF) and related security standards.
- Background in cybersecurity governance, policy creation, risk management, and compliance.
- Ability to perform risk assessments and advise on suitable security controls.
- Understanding of information security fundamentals, frameworks, and regulatory compliance requirements.
- Good analytical ability, documentation skills, and stakeholder communication skills.
- Experience working with cross-functional teams to implement and maintain cybersecurity policies.
Preferred background
- Exposure to other frameworks such as ISO/IEC 27001, COBIT, or PCI DSS is an advantage.
- Knowledge of IT risk management, audit procedures, and information security governance is beneficial.
- Experience in regulated sectors such as banking, finance, healthcare, telecommunications, or government is considered a plus.