Cyber compliance (Senior Consultant) - Technology Consulting

Cyber compliance Consultant (Senior Consultant) – Technology Consulting,

Saudi National only.

At EY, you will have the chance to build a career as unique as you are, with the global scale, support, inclusive culture, and technology to become the best version of you. And we are counting on your unique voice and perspective to help EY become even better too. Join us and build an exceptional experience for yourself, and a better working world for all.

The opportunity

EY is on the lookout for a Cyber Security Consultant with 2-3 years of experience.This role will be based in our Riyadh – KSA office and will require working as a resident consultant at a client site in Riyadh. The role plays a key part in execution of strategic initiatives under Cybersecurity (CS) Priorities. The role executes (plan, design/development and deploy) strategic, complex cross-functional initiatives across the business. Expectation would be to develop execution plans, drive actions, resolve issues, identify dependencies, and manage stakeholders to produce intended results on initiatives and programs. 

Your key responsibilities

• NCA Framework Implementation: Assist organizations in implementing the NCA cybersecurity framework, ensuring alignment with national standards and guidelines.
• Compliance Assessment: Conduct assessments to evaluate the organization's compliance with NCA regulations, including the Cybersecurity Controls and other relevant frameworks.
• Policy Development: Develop and review cybersecurity policies and procedures in accordance with NCA requirements, ensuring they are effectively communicated and enforced.
• Risk Management: Identify, assess, and prioritize cybersecurity risks specific to the organization's operations within the context of NCA compliance.
• Training and Awareness: Create and deliver training programs focused on NCA compliance requirements and best practices for employees at all levels.
• Audit Support: Support internal and external audits related to NCA compliance, providing necessary documentation and evidence of compliance efforts.
• Incident Management: Assist in the development and execution of incident response plans that meet NCA guidelines, including reporting requirements for cybersecurity incidents.
• Continuous Monitoring: Implement continuous monitoring practices to ensure ongoing compliance with NCA regulations and to identify areas for improvement.
• Stakeholder Collaboration: Work closely with internal stakeholders, including IT, legal, and management, to foster a culture of compliance and cybersecurity awareness.
• Reporting and Documentation: Prepare detailed reports on compliance status, risk assessments, and incident responses, ensuring they meet NCA reporting standards.
• Regulatory Updates: Stay informed about changes in NCA regulations and guidelines, advising the organization on necessary adjustments to maintain compliance.

Skills and attributes for success

• Knowledge of NCA Regulations: In-depth understanding of the NCA cybersecurity framework, guidelines, and compliance requirements.
• Risk Management: Proficiency in identifying, assessing, and managing cybersecurity risks, including familiarity with risk assessment methodologies.
• Cybersecurity Standards: Familiarity with international cybersecurity standards and frameworks (e.g., ISO 27001, NIST, CIS) and their application in a compliance context.
• Policy Development: Ability to develop, implement, and review cybersecurity policies and procedures that align with regulatory requirements.
• Audit and Compliance: Experience in conducting compliance audits and assessments, as well as preparing for external audits.
• Incident Response: Knowledge of incident response planning and execution, including familiarity with reporting requirements for cybersecurity incidents.
• Technical Proficiency: Understanding of cybersecurity technologies, tools, and practices, including network security, encryption, and access controls.
• Communication Skills: Strong verbal and written communication skills to effectively convey complex cybersecurity concepts to diverse audiences.
• Training and Awareness: Ability to design and deliver effective training programs on cybersecurity compliance and best practices.
• Analytical Skills: Strong analytical and problem-solving skills to assess compliance gaps and recommend appropriate solutions.
• Project Management: Experience in managing compliance projects, including planning, execution, and monitoring progress.
• Stakeholder Engagement: Ability to collaborate with various stakeholders, including IT, legal, and management, to promote a culture of compliance.
• Continuous Learning: Commitment to staying updated on emerging cybersecurity threats, trends, and regulatory changes.

Qualifications

• Educational Background:

• Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field.
• A Master's degree in a relevant field is a plus.

• Certifications:

• Relevant cybersecurity certifications, such as:

• Certified Information Systems Security Professional (CISSP)
• Certified Information Security Manager (CISM)
• Certified Information Systems Auditor (CISA)
• Certified in Risk and Information Systems Control (CRISC)
• CompTIA Security+
• ISO 27001 Lead Implementer or Lead Auditor

• Experience:

• Proven experience in cybersecurity compliance, risk management, or related roles, preferably within the context of NCA regulations.
• Experience working with organizations in Saudi Arabia or the Middle East region is advantageous.

• Knowledge of Local Regulations:

• Familiarity with local laws and regulations related to cybersecurity and data protection in Saudi Arabia.

• Technical Skills:

• Proficiency in cybersecurity tools and technologies, including firewalls, intrusion detection systems, and security information and event management (SIEM) solutions.

• Project Management Skills:

• Experience in managing projects,

• Language Proficiency:

• Proficiency in both Arabic and English is preferred, as it facilitates communication with local stakeholders and documentation.

• Soft Skills:

• Strong interpersonal skills, adaptability, and the ability to work collaboratively in a team environment.

What we look for
 

• Ability to work and deliver as part of a world class team, and flexibility to take on impactful roles in multiple initiatives

What we offer
 

We offer a competitive compensation package where you’ll be rewarded based on performance and recognized for the value you bring to our business. Plus, we offer:

• Continuous learning: You’ll develop the mindset and skills to navigate whatever comes next.
• Success as defined by you: We’ll provide the tools and flexibility, so you can make a meaningful impact, your way.
• Transformative leadership: We’ll give you the insights, coaching and confidence to be the leader the world needs.
• Diverse and inclusive culture: You’ll be embraced for who you are and empowered to use your voice to help others find theirs.

If you can demonstrate that you meet the criteria above, please contact us as soon as possible.

The exceptional EY experience. It’s yours to build.

EY | Building a better working world

EY exists to build a better working world, helping to create long-term value for clients, people and society and build trust in the capital markets.

Enabled by data and technology, diverse EY teams in over 150 countries provide trust through assurance and help clients grow, transform and operate.

Working across assurance, consulting, law, strategy, tax and transactions, EY teams ask better questions to find new answers for the complex issues facing our world today.