Gentis
Gentis
Home

JobsMissionsMediaUse cases
You can reach us anytime via
hello@gentis.com

Vacancies

Find your dream job

Security Solution Analyst - GRC Cybersecurity

30/10/2024
PermanentSaudi ArabiaOn site17000 SR21000 SR
Copied to clipboard
Job description

A leading organization in Saudi Arabia is seeking a Cybersecurity Compliance Officer to join their GRC team. The role focuses on developing and maintaining security governance frameworks, policies, and procedures to ensure alignment with regulatory requirements. The candidate will drive compliance with national cybersecurity regulations, data protection laws, and international security standards.


Key responsibilities include monitoring regulatory compliance, conducting internal security assessments, managing GRC technology platforms, and coordinating external audit engagements. The position requires regular reporting to GRC leadership and supporting organizational certification initiatives.


The ideal candidate will have experience in implementing and maintaining comprehensive security compliance programs while ensuring adherence to industry and regulatory requirements.


Detailed Responsibilities:

  • Develop and maintain comprehensive cybersecurity governance frameworks, policies, and procedures ensuring alignment with regulatory requirements, including NCA controls.
  • Drive compliance with key security standards and regulations including PDPL, ISO 27001, and other applicable frameworks. Monitor and implement emerging requirements.
  • Perform technical security reviews of system configurations, network architecture, and control implementations to validate compliance and security best practices.
  • Lead internal security assessments and compliance reviews to identify and remediate control gaps.
  • Implement and administer GRC automation platforms to enhance compliance monitoring efficiency and reporting capabilities.
  • Design and oversee control attestation procedures, working with control owners to validate and document control effectiveness.
  • Develop and execute third-party security assessment program to evaluate and monitor vendor security practices.
  • Generate regular security status reports for GRC management. Effectively communicate security risks, issues and recommendations to key stakeholders.
  • Manage external audit engagements and certification processes to ensure successful outcomes and continued compliance.
Profile description

Key Competencies:

  • Information Security Governance: Advanced knowledge of security frameworks, policies, and strategic integration of security with business operations. Strong understanding of cyber resilience principles.
  • Regulatory & Standards Expertise: Comprehensive understanding of data protection laws, international security standards (ISO), and industry regulations. Ability to interpret and apply evolving requirements.
  • Technical Security Knowledge: Proficiency in assessing system security configurations, network architecture, and control implementations. Deep understanding of security best practices.
  • Security Assessment: Expert capability in conducting security assessments and compliance reviews. Strong analytical skills in control effectiveness evaluation.
  • GRC Technology: Advanced knowledge of GRC platforms and automation solutions. Expertise in optimizing compliance monitoring and reporting processes.
  • Control Framework: Deep understanding of control validation procedures and attestation processes. Knowledge of control documentation best practices.
  • Third-Party Security: Expert knowledge of vendor security assessment methodologies and supply chain risk management principles.
  • Strategic Communication: Strong ability to articulate complex security concepts to various stakeholders. Excellence in security status reporting and presentation.
  • Audit Management: In-depth knowledge of external audit and certification processes. Strong understanding of audit evidence requirements and remediation approaches.
  • Policy Architecture: Expert understanding of control frameworks and their relationship to organizational policies. Proficiency in mapping security requirements to operational controls.


Core Responsibilities:

  • Information Security Governance: Develop and oversee security frameworks, policies, and procedures aligned with business objectives. Integrate security strategy with operations to maintain business continuity and cyber resilience.
  • Regulatory & Standards Management: Ensure adherence to data protection laws, international security standards (ISO), and industry regulations. Monitor evolving requirements and update security practices accordingly.
  • Technical Security Oversight: Assess and validate system security configurations, network architecture, and control implementations against security requirements and industry best practices.
  • Security Assurance: Lead internal security assessments and compliance reviews. Evaluate control effectiveness and drive continuous improvement initiatives.
  • Technology & Process Optimization: Implement and manage GRC platforms and automation solutions to enhance compliance monitoring and reporting efficiency.
  • Control Management: Design and maintain control validation procedures, ensuring proper documentation and attestation from control owners.
  • Third-Party Risk Management: Develop and execute vendor security assessment programs. Evaluate and monitor external partner security postures to manage supply chain risks.
  • Stakeholder Management: Deliver regular status updates to GRC leadership on security posture and program effectiveness. Drive clear communication channels with key stakeholders.
  • Audit Coordination: Support external audit engagements and certification processes. Partner with auditors and internal teams to facilitate successful outcomes.
  • Policy Framework Administration: Maintain unified control framework mapping security requirements to organizational policies. Establish clear relationships between policies, standards, and operational controls.


Education & Professional Certifications:


· Advanced degree in Computing/Technology field (Bachelor's/Master's in Computer Science or related)

· Governance, Risk & Compliance certification (ISC2 GRC)

· CISSP (Certified Information Security Professional)

· CISA (Certified Information Systems Auditor)

· Security Controls Framework certification (SANS SEC566)

· OSCP (Offensive Security Certified Professional)

Copied to clipboard

Similar jobs

ICT
25/04/2025

Senior Platform Engineer

Day-to-day responsibilities:Collaborate with team to design and implement distributed system architectures leveraging Azure Data Engineering Services such as Event Hub, Data Factory, ADLS Gen2, Cosmos DB, Synapse, Databricks, APIM, Function App, Logic App, and App Services.Assist in creating and maintaining Infrastructure as Code (IaC) using ARM Templates and Terraform, enabling scalable and automated resource deployment.Support development, testing, and production environments by managing containerization and orchestration tools like Docker and Azure Kubernetes Service (AKS).Monitor systems and troubleshoot issues utilizing Azure Monitor, Log Analytics, and Application Insights for comprehensive insight into performance and reliability.Contribute to disaster recovery and backup planning, collaborating on DR strategies integrated with IaC solutions.Participate in job scheduling, job monitoring, and proactive alert setup for data pipelines, supporting reliable workflow orchestration.Conduct troubleshooting, root cause analysis, and workflow performance improvement using Azure-native tools and distributed streaming platforms.Write and maintain automation scripts in Python and Shell, and work alongside CI/CD pipelines via Jenkins and Azure DevOps for rapid and reliable deployments.Engage in resource monitoring of VMs, assessing memory, CPU, OS, storage, and network performance, and resolving issues through log analysis.Demonstrate adaptability by working with evolving technologies and applying Agile methodologies to optimize software delivery.

PermanentUnited Arab EmiratesOn site
ICT
23/04/2025

Ingénieur Data Senior – Migration et Administration Clusters (HDP/CDP, Cloud, Kubernetes, Spark, Airflow, Starburst)

Basé à Paris avec une présence de deux jours par semaine sur site, ce poste implique l’accompagnement et le maintien en conditions opérationnelles (MCO) des infrastructures HDP et CDP, dans un contexte de migration vers des services Data sur le Cloud. Le rôle intègre l’administration et l’optimisation de clusters, la gestion des mises à jour et des correctifs de sécurité, ainsi que la supervision des performances et l’optimisation des ressources.Administration et optimisation des clusters HDP/CDP : installation, configuration, maintenance.Gestion des mises à jour système et patchs de sécurité.Supervision et optimisation des ressources et performances.Gestion de clusters Kubernetes : administration, sécurisation et monitoring d’environnements conteneurisés (IKS, Openshift…).Automatisation des déploiements grâce aux Operators.Orchestration de workflows avec Apache Airflow : développement et optimisation des DAGs, gestion des dépendances et optimisation des temps d’exécution, intégration dans l’écosystème Data.Traitement et analyse des données avec Apache Spark : développement et tuning de jobs en batch ou streaming, intégration avec des systèmes distribués.Optimisation des requêtes et accès aux données distribuées avec Starburst (Trino) : configuration et administration, optimisation des requêtes SQL, gestion des accès sécurisés.Le poste contribue directement à la transformation Data de l’entreprise, en facilitant la migration, la sécurisation et la performance des écosystèmes Big Data sur Cloud.

Fixed termFranceHybrid
Engineering
17/04/2025

Dessinateur Technique E&I

Description de la fonction : En tant que dessinateur technique E&I au sein de notre bureau d’étude, vous réalisez les études de détail en E&I (électricité et instrumentation) pour nos installations de transport comme le gaz naturel, l'hydrogène, et le CO2, en conformité avec les données du projet et les normes et codes techniques en vigueur.Vos responsabilités incluent notamment :Élaborer des plans E&I tels que les schémas électriques, les schémas d’instrumentation, les calculs et les listes des câbles, les listes I/O et les listes des composants, les P&ID, les plans lay-out, les schémas bloc, et les plans de zonage.Assurer l'application correcte du RGIE, de l'ATEX et des standards internes dans les études réalisées.Participer à l'ensemble du projet avec un accent particulier sur la phase d’étude détaillée.Maintenir des contacts avec les collègues d'autres services impliqués dans les projets, comme les ingénieurs de projet ou les cellules de Piping & Génie Civil.Contribuer à la qualité des données sur les actifs avec les dossiers as-built et utiliser des logiciels spécifiques pour la gestion des fichiers.Compétences générales :Francophone natif ; bonne compréhension du néerlandais.Connaissance courante des applications informatiques standard telles que Windows 10 et Office 365.Ponctualité, souci de la précision et du détail. Orienté résultat.Compétences techniques :Diplôme de bachelier ou graduat en électronique, électromécanique, ou automatisation des processus, avec au moins 3 ans d’expérience pertinente en E&I dans un cadre industriel ou chimique, ou dans le secteur de l'énergie.Ou diplôme d'enseignement secondaire technique avec au moins 5 ans d'expérience pertinente.Connaissances approfondies en conception de circuits électriques, certification ATEX, et maîtrise d'AutoCAD 3D.

PermanentBelgiumOn site
ICT
07/04/2025

Senior Data Engineer

Code generation and application of generic functions and models.Use of cloud technologies to optimize processes (notably by offloading data to Microsoft Azure).Support the adoption of new ways of working, such as CI/CD and DBT.Tenant management of our Power BI environment.Occasional maintenance of the server environment.

PermanentBelgiumHybrid
ICT
07/04/2025

Data Manager

- Ensure the accuracy, completeness and usability of all business data available to customers.- Work with the Product team to define and create new functionalities, supporting the business with data knowledge- Work with the technical teams on the industrialization of data functionalities and use cases- Hold the data knowledge within the company, and ensure the sharing of this knowledge with all business and technical teams.- Define the structure of the data used and consumed, make the necessary decisions on the use of the data according to the business needs and technical constraints- Explore the data to identify the value that can be derived from it- Ensure that the company has all the data it needs for its business uses, notably by identifying the data it needs to obtain and by managing projects to supply additional data- Ensure data governance, including contributing to the control of the company's data assets, defining roles and responsibilities, and participating in the documentation of data- Analyze data quality for inconsistencies or anomalies, communicate internally about changes or data requirements.- Develop strong relationships with data providers and ensure the follow-up with them on business needs- Define a data quality framework- Contribute to the monitoring of the platform's operational readiness- Collaborate to data modeling with modern data warehouse architecture

PermanentBelgiumHybrid
ICT
07/04/2025

Data Analyst

Conduct analytical projects which create added-value through dataWork with the Product and Data Engineers team to develop new functionalities, and to help define business use cases through data inputsContribute to make data accessible to all stakeholders within the firm, share knowledge on data throughout the firmIndustrialize data analytics projectsParticipate to data quality analysis and data quality improvementsWrite data management rules and data transformation rules according to business use cases

PermanentBelgiumOn site

The perfect match is only one step away.

Send us your CV directly and we will put you in touch with one of our specialised recruiter who will guide you in the search of your dream job!

Phone number
Phone
Candidates

Testimonials

The Gentis consultants have always taken a number of factors into account in order to present us with the right candidates. The people we've recruited are still here, and personally I'm very happy with the new additions to the team.
Joakin / Deputy-AMLCO, PPS
The outcomes were impressive! Over 3 to 4 years, we’ve closed more than 20 deals. Gentis provides a seamless channel to connect with candidates via various avenues.
Morgan / HR, CAF
View use cases
Blog

Recruitment articles

15 min read
17 Jan 2025

How to implement your employer brand strategy in 7 steps

Employer branding is a marketing concept that is essential for any company that wants to support its attractiveness and promote loyalty among its talent. While the reasons to build a solid and positive employer brand are clear, you cannot simply wave a magic wand for it to be successful. It requires a series of actions.

10 min read
05 Aug 2024

Essential employer branding trends in 2024

Employer branding has become essential for companies that want to stand out in the war for talent. In 2024, your employer brand should be authentic, embrace diversity and be flexible to attract the best profiles.

15 min read
15 May 2024

Employer branding: 7 mistakes you don’t want to make

Back Market, KPMG, Dassault, Shine… These different sized companies all have a strong employer brand that ensures their attractiveness and loyalty and makes their competitors pale by comparison.

Employer Branding
View all

Join our vibrant community of professionals and discover your potential to make a difference in the world.

Stay up to date with our latest news!