· Implement the Security Risk Assessment methodology, policy, and process.

· Perform hands-on gap or risk assessments to identify significant information security risks (including applications, systems, data centers, and infrastructure and vendor security risk assessments) to determine the organizational risk posture.

· Analyze vulnerability/threat pairs across platforms; determine the level of risk they represent, documenting the discoveries, and recommendation of effective controls.

· Update the risk register, notify appropriate stakeholders, meet with business leaders where necessary, and help to drive risk to an acceptable level throughout.

· Monitor the company’s information security risk profile and risk appetite to achieve optimal balance between business risk and opportunities.

· Coordinate, monitor, and report the progress of IS risk remediation activities, resulting from oversight and monitoring processes.

· Develop and maintain current and complete IS risk profiles for all information systems, including software, devices, and infrastructure.

· Monitor compliance with policies, standards, guidelines and procedures.

Qualifications, Technical Skills& Professional Experience

1. Bachelor degree in computer science/engineering, management information systems (MIS), or a related technical degree.

2. Minimum of 3 years of IT, security, business process and GRC experience (preferably related to information security and information technologies).

3. Minimum of 3 years of experience in conducting information security risk assessment

4. Extensive knowledge or risk management concepts

5. Deep technical understanding of security threats, vulnerabilities and controls.

6. Experience in conducting risk-based information security audits

7. In-depth knowledge of information security management, practice, and understanding of privacy and security regulations, i.e., COBIT, NIST, NERC, ISA 99, IEC 61850, and ISO.

8. In-depth knowledge of information security GRC (governance, risk, compliance) methodologies, tools, and enablers.

Job Details

Industry:
Functional Area:
Total Positions:
1 Post
Job Type:
Job Location:
Gender:
No Preference
Age:
28 - 35 Years
Minimum Education:
Bachelors
Career Level:
Experienced Professional
Minimum Experience:
3 Years
Work Permit:
Saudi Arabia
Apply Before:
Jul 16, 2019
Posting Date:
Apr 30, 2019

General Authority for Competition

Government · 51-100 employees - Riyadh

انسجاماً مع السياسة الاقتصادية المبنية على مبدأ المنافسة التي تنتهجها المملكة العربية السعودية والتطورات الكبيرة الجارية في المجال الاقتصادي، ورغبة في تحسين مناخ المنافسة في قطاع الأعمال، صدر المرسوم الملكي رقم (م/٢٥) وتاريخ ٤ جمادى الأولى ١٤٢٥هـ بالمصادقة على نظام المنافسة. تعتبر الهيئة العامة للمنافسة هيئة مستقلة معنية بالإشراف على تطبيق نظام المنافسة الذي يهدف بشكل محدد إلى تعزيز وحماية المنافسة العادلة، ومكافحة الممارسات الاحتكارية التي تؤثر على المنافسة المشروعة. وسوف تعمل الهيئة من خلال نظام المنافسة واللائحة التنفيذية للنظام على المحافظة على البيئة التنافسية لقطاع الأعمال في إطار من العدالة والشفافية للسوق المحلية التي بدورها ستمكن المنشآت من التنافس بحرية وعدالة، وتتيح للمستهلكين إمكانية جني الفوائد المرجوة من المنافسة العادلة.

What is your Competitive Advantage?

Get quick competitive analysis and professional insights about yourself
Talk to our expert team of counsellors to improve your CV!
Try Mihnati Premium