Flint International Middle East

Position:

Cybersecurity Risk Management Specialist

Location: Riyadh, KSA

Experience: 3-7 Yrs

Skills: NCA Essential Cybersecurity Controls (ECC), ISO 27001 / ISO 27005, NIST Cybersecurity Framework, NIST SP 800-30 / 800-37, GRC Certifications

** Only immediate joiners or candidates with a notice period of no longer than 30 days **

Job Description

Risk Assessment & Analysis

  • Conduct cybersecurity risk assessments for systems, networks, cloud environments, and business processes.
  • Identify threats, vulnerabilities, and potential business impacts.
  • Develop risk scenarios and evaluate likelihood and impact using recognized methodologies.
  • Maintain and update the enterprise-wide risk register.

Risk Treatment & Governance

  • Develop and implement risk treatment plans and mitigation strategies.
  • Track the status of risk remediation and ensure timely completion.
  • Align all cybersecurity risk activities with regulatory frameworks such as NCA ECC, ISO 27001/27005, and NIST RMF.
  • Support internal and external audit processes and ensure compliance with security standards.
  • Create policies, standards, and procedures related to cybersecurity risk management.
  • Work closely with IT, cybersecurity, and business units to identify and manage risks.
  • Conduct risk workshops and awareness sessions for stakeholders.
  • Communicate risk updates, findings, and recommendations to senior management.
  • Monitor emerging threats, vulnerabilities, and regulatory changes.
  • Update risk evaluation methodologies to reflect evolving threats.
  • Assess third-party/vendor risks and ensure compliance with security requirements.

Skills and Experience

  • Experience in cybersecurity risk management, GRC, or information security governance.
  • Strong understanding of frameworks and standards such as:
      • NCA Essential Cybersecurity Controls (ECC)
      • ISO 27001 / ISO 27005
      • NIST Cybersecurity Framework
      • NIST SP 800-30 / 800-37
  • Experience with risk assessment tools, threat modeling, and business impact analysis (BIA).
  • Excellent analytical, documentation, and communication skills.

Professional Certifications (Preferred)

  • Risk Management / GRC Certifications
  • CRISC – Certified in Risk and Information Systems Control
  • CISM – Certified Information Security Manager
  • ISO 27005 Risk Manager
  • CISSP (for broader security governance knowledge)

Digital Forensics & Incident Response (Optional but Valuable)

  • GIAC 608 – GIAC Intermediate Forensic Analyst
  • GCFA – GIAC Certified Forensic Analyst
  • GCFE – GIAC Certified Forensic Examiner

If you are interested in this opportunity, please send your resume to Career@flint-international.me and ensure the position name is included in the subject line.
