Cybersecurity GRC Consultant

About the role

Managed.sa is seeking a Cybersecurity GRC Consultant to join its remote team in Jordan. You will support governance, risk, and compliance engagements for clients across the Kingdom of Saudi Arabia, translating security requirements into practical, business‑aligned controls.

Key responsibilities

• Conduct gap assessments, risk assessments, and compliance reviews against Saudi and international security frameworks.
• Develop and update security policies, procedures, and audit‑readiness documentation.
• Prepare executive dashboards and compliance status reports for senior stakeholders.
• Provide stakeholder management and advisory services to ensure alignment of security controls with business objectives.
• Support audit readiness and assist clients in achieving regulatory compliance.

Required profile

• Bachelor’s degree in Cybersecurity, Information Security, Computer Science, IT, Business or a related field.
• 4‑5 years of experience in GRC, risk management, compliance or information‑security consulting.
• Professional fluency in English; Arabic is a strong plus.
• Currently based in Jordan and able to work remotely.

Required skills

• Knowledge of Saudi regulatory frameworks: NCA ECC, CCC, DCC, OTCC, SAMA CSF, CRFR, CST, CRF.
• Familiarity with international standards: ISO 27001, ISO 27701, ISO 22301, NIST CSF, PDPL, NDMO.
• Experience in gap assessments, risk assessments, policy development and audit preparation.
• Certifications such as CISA, CRISC, CISM, CISSP, Security+ or ISO 27001 Lead Auditor/Implementer are highly desirable.

What we offer

• Remote work from Jordan with a leading cybersecurity services firm.
• Exposure to major governance and compliance projects in KSA.
• Professional growth in cybersecurity consulting, risk, and compliance.
• Collaborative, expert‑driven work environment.