At Mzyyar Engineering Consultancy, we provide a strategic platform that connects our clients and partners with highly specialized talent in Operational Technology (OT), Industrial Cybersecurity, Digital & IT Transformation, and Governance, Risk & Compliance (GRC).
This gateway enables access to a curated pool of professionals equipped to support smart industrial environments, ensure regulatory alignment, and drive sustainable operational excellence.
Date Posted: 17/07/2015
About the Job:
We are hiring a GRC Consultant to support cybersecurity governance, risk, and compliance initiatives in alignment with the Saudi National Cybersecurity Authority (NCA) frameworks. This role focuses on helping clients in the public and private sectors achieve compliance with ECC, GRC, CSCC, and other NCA-mandated regulations, while also aligning with international standards like ISO/IEC 27001 and NIST CSF.
Clients: Confidential
Location: Based in KSA - Remote support for clients in Saudi Arabia
(Occasional travel to KSA may be required)
Job Overview:
The GRC Consultant will be responsible for guiding clients through regulatory assessments, policy development, risk treatment planning, and audit readiness. This includes mapping client environments to NCA frameworks and supporting ongoing compliance programs.
Key Responsibilities:
Conduct compliance gap assessments against NCA ECC, GRC, CSCC, CCC, and TCC controls.
Develop security policies, procedures, and governance frameworks tailored to KSA regulations.
Support risk assessments, risk registers, and treatment plans based on business impact.
Prepare clients for internal/external audits and documentation reviews.
Align client initiatives with ISO/IEC 27001, NIST CSF, and other global best practices.
Provide advisory on third-party risk, data classification, and national mandates.
Assist in the development of cybersecurity awareness and training strategies as per NCA guidelines.
Qualifications:
Bachelor’s degree in Information Security, Engineering, Computer Science, or related field.
3–5 years of experience in cybersecurity GRC, with a strong understanding of Saudi cybersecurity regulations.
Experience with risk management, internal audits, or regulatory consulting.
Strong knowledge of the NCA compliance ecosystem.
Fluent in English; proficiency in Arabic is highly preferred.
Preferred Certifications or Training:
ISO/IEC 27001 Lead Implementer or Auditor
NCA ECC Implementation Training (if available)
CRISC / CISM / CGEIT
NIST Cybersecurity Framework Practitioner
COBIT 5 / ITIL 4 (Governance track)