Cybersecurity GRC Consultant

Managed.sa is looking for a Cybersecurity GRC Consultant based in Jordan to support cybersecurity governance, risk, and compliance engagements for our clients.

The ideal candidate will have hands-on experience in cybersecurity frameworks, regulatory compliance, risk assessment, gap analysis, policy development, audit readiness, and executive reporting. This role requires strong analytical, documentation, and stakeholder management skills, with the ability to translate cybersecurity requirements into practical business-aligned controls and action plans.

Requirements

• Bachelor’s degree in Cybersecurity, Information Security, Computer Science, IT, Business, or a related field.
• Minimum 4–5 years of experience in cybersecurity GRC, risk management, compliance, audit, or information security consulting.
• Strong knowledge of cybersecurity frameworks and standards such as:
• NCA ECC / CCC / DCC / OTCC
• SAMA CSF / CRFR
• CST CRF
• ISO 27001 / ISO 27701 / ISO 22301
• NIST CSF
• PDPL / NDMO
• Experience in gap assessments, risk assessments, compliance reviews, and policy development.
• Strong reporting and documentation skills.
• Ability to communicate professionally with clients and senior stakeholders.
• Excellent English communication skills; Arabic is a strong plus.
• Currently based in Jordan and able to work remotely with teams and clients in KSA.

Nice to Have

• Professional certifications such as ISO 27001 LA/LI, CISA, CRISC, CISM, CISSP, Security+, or equivalent.
• Previous consulting experience with cybersecurity service providers.
• Experience working with Saudi regulatory frameworks.
• Experience preparing executive dashboards or compliance status reports.

Benefits

• Opportunity to work with a leading cybersecurity services company.

• Exposure to major cybersecurity governance and compliance projects in KSA.

• Remote work from Jordan.

• Professional growth in cybersecurity consulting, risk, and compliance.

• Collaborative and expert-driven work environment.