Overview
GRC Expert Jobs in Riyadh, Riyadh, Saudi Arabia at Green Circle for Cybersecurity
Title: GRC Expert
Company: Green Circle for Cybersecurity
Location: Riyadh, Riyadh, Saudi Arabia
Company Description
Green Circle for Cybersecurity is a leading provider of cybersecurity managed services in the Middle East, with offices in Riyadh, Amman, and London. The company delivers advanced Security Operations Center (SOC) services, penetration testing, compliance and governance support, and AI-driven threat intelligence to protect organizations from evolving cyber threats. Its expert team provides 24/7 monitoring, incident response, and proactive defense strategies rooted in regional regulations and global best practices. Green Circle serves both commercial and government sectors with highly accredited technical professionals and aims to be a global leader in cybersecurity by delivering outstanding services and superior outcomes. The company is also committed to raising cyber awareness through training, workshops, and community-focused initiatives.
Role Description
The GRC Expert is a full-time, on-site role based in Riyadh, responsible for designing, implementing, and maintaining governance, risk, and compliance frameworks across client environments. This role includes conducting risk assessments, developing and updating security policies and procedures, and aligning controls with relevant standards and regulations (such as ISO 27001, NIST, and regional compliance requirements). The GRC Expert will coordinate and support internal and external audits, document findings, and track remediation activities to closure. Daily responsibilities also include advising clients on compliance roadmaps, collaborating with SOC, penetration testing, and advisory teams, and preparing clear reports and presentations for both technical and non-technical stakeholders. The individual in this role will mentor team members, contribute to security awareness initiatives, and participate in continuous improvement of Green Circle’s GRC methodologies and service offerings.
Qualifications
- Strong governance and compliance skills, including experience with information security frameworks (e.g., ISO 27001/27002, NCA, NIST CSF, CIS Controls) and regulatory requirements relevant to the Middle East, and knowledge of tools such as RSA Archer and ServiceNow.
- Proficiency in risk management practices, including risk identification, assessment, treatment planning, and the design and evaluation of security controls.
- Demonstrated ability to develop, review, and maintain information security policies, standards, procedures, and guidelines tailored to client environments.
- Experience supporting or leading audits and assessments, including evidence collection, gap analysis, reporting, and remediation tracking.
- Strong analytical and documentation skills, with the ability to produce clear reports, dashboards, and presentations for technical and business audiences.
- Effective stakeholder management and communication skills, with the ability to work closely with cross-functional teams such as SOC, penetration testing, and IT operations.
- Bachelor’s degree in Information Security, Computer Science, Information Systems, or a related field; equivalent practical experience will be considered.
- Relevant professional certifications are a plus (e.g., CISA, CISM, CRISC, ISO 27K, Archer RSA).