GRC Consultant

About Security Matterz

Security Matterz is a Saudi company Riyadh-based cybersecurity and Managed Security Services provider, helping organizations across government, financial, and private sectors to strengthen their security posture and comply with local and international regulations.

We are looking for  GRC Consultants  to support and lead cybersecurity governance, risk, and compliance initiatives for our clients in Saudi Arabia.

Key Responsibilities

• Support the design, implementation, and maintenance of cybersecurity governance frameworks for clients.
• Participate in developing and maintaining cybersecurity policies, procedures, standards, and guidelines.
• Assist in conducting risk assessments, identifying gaps, and proposing appropriate risk treatment plans.
• Contribute to compliance programs related to:
• NCA frameworks (e.g., ECC, CCC, etc.)
• SAMA Cybersecurity Framework
• Prepare and maintain documentation, evidence, and reports required for audits and assessments.
• Coordinate with technical teams (SOC, infrastructure, applications) to ensure controls are implemented and effective.
• Support security awareness and training initiatives for client staff.
• Lead end-to-end GRC engagements with clients, acting as the primary GRC point of contact.
• Lead risk assessment workshops with business and technical stakeholders.
• Develop and monitor compliance roadmaps for NCA, SAMA and other relevant frameworks.
• Prepare and present executive-level reports, dashboards, and recommendations to senior management and regulators.
• Mentor and guide junior GRC team members.

Requirements:

· Excellent written and verbal communication in  English ;  Arabic is a strong advantage.

· Strong attention to detail and documentation quality.

· Ability to work both independently and as part of a cross-functional team.