career saudi Director of Information Security - GRC - TASC Outsourcing
jobs description: jobs in Saudi Director of Information Security - GRC - TASC Outsourcing
About the Role:
The Director of Information Security – GRC will lead the design, implementation and continuous improvement of the organization’s governance, risk and compliance programs across Saudi Arabia. This role requires strategic oversight of multiple regulatory frameworks, stakeholder engagement at board and executive levels, and the leadership of a high-performing GRC team to ensure robust information security posture and regulatory alignment.
Responsibilities:
- Develop and maintain an integrated information security governance framework aligned with ISO 27001, NIST CSF, COBIT, NCA ECC and SAMA CSF
- Drive risk management processes, including identification, assessment, treatment and reporting of information security risks
- Oversee compliance monitoring activities to ensure adherence to GDPR, PDPL and relevant local regulations
- Lead audit response efforts, coordinate internal and external audits, and ensure timely remediation of findings
- Manage third-party assurance and vendor risk assessments to uphold security standards across the supply chain
- Provide strategic counsel and regular reporting to the Board of Directors and executive leadership on GRC metrics, trends and initiatives
- Engage with regulatory bodies, including SAMA and NCA, to interpret requirements and influence regulatory developments
- Recruit, mentor and develop a skilled GRC team fostering a culture of accountability and continuous improvement
- Collaborate with cross-functional teams to integrate GRC principles into business processes and technology initiatives
Required Qualifications:
- 12–18 years of progressive experience in information security governance, risk and compliance
- Proven technical expertise with ISO 27001, NIST CSF, COBIT, NCA ECC and SAMA CSF frameworks
- In-depth knowledge of GDPR and PDPL requirements
- Demonstrated experience in cybersecurity governance and enterprise risk management
- Strong background in compliance monitoring, audit response and third-party assurance
- Excellent team leadership skills with experience managing multidiscipline security teams
- Exceptional communication skills, with proven ability to present to board members and senior executives
- Experience engaging with regulatory authorities in the Middle East region
Preferred Qualifications:
- Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM) or CRISC
- ISO 27001 Lead Auditor or Implementer certification
- Prior experience in Saudi Arabian financial services or regulated industries
- Advanced degree in Information Security, Cybersecurity, Risk Management or related field
- Fluency in Arabic
- Experience leading GRC initiatives during major digital transformation programs
Job Details
| Posted Date: | 2026-06-16 |
| Job Location: | Saudi Arabia |
| Company Industry: | Accounting |
Preferred Candidate
jobs in Saudi Director of Information Security - GRC - TASC Outsourcing ,jobs in Saudi,Director of Information Security - GRC - TASC Outsourcing jobs