- Experience Needed: 8 to 10 years
- Career Level: Experienced (Non-Manager)
- Job Type: Full Time
- Education Level: Bachelor's Degree at least
- Travel Frequency: Up to 50% travel
About the Job
The Alnafitha Enterprise Strategy team contributes to Alnafitha services by providing best practices and excellence methodologies in the domains of ITSM, GRC, IT Quality and Enterprise Architecture.
We are currently searching for an enthusiastic and innovative Cyber Security Consultant to work on our Enterprise Strategy Team in Alnafitha.
We’re a team of excellence-driven individuals with a curiosity for how to optimize and enhance practices and a passion for designing and building reliable, practical, effective and efficient operation models. This position will require close cooperation with other teams from project management, sales and business development. We’re always striving to learn more, expand our skills and grow our teammates.
Primary Focused Domain(s): CS/ISMS
- Perform planning, design and implementation of Cyber Security & Business Continuity frameworks/standards (ISO/IEC 27001, ISO 22301, NIST, PCI-DSS etc.) processes/procedures/policies to meet evolving and changing needs of clients and provide assessment, design and redesign, and implementation solutions for clients.
- Build Cyber Security strategy and road map for IT & CS departments to achieve their cyber security objectives
- Provide exceptional delivery of security risk management practices to Alnafitha’s customers to be able to:
  - Prepare planned, measurable, and practical corrective actions.
  - Examine the relationship between people, processes, and technology, and their effects on information confidentiality, integrity, and availability
  - Perform risk identification and provide detailed guidance on mitigation or remediation as well as providing recommendations on security policies and initiatives
  - Review risk metrics results and provide input to information security reporting and dashboards.
  - Quantify risk using threat likelihood, implementation state, and business impact variables, and then prioritize risk initiatives based on business need, compliance requirements, and/or risk reduction.
- Maintain quality and performance indicators in order to meet service delivery targets and quality goals
- Analyze and identify recommendations for enhancements based on international and KSA national frameworks/standards (ISO/IEC 27001, ISO 22301, NIST, PCI-DSS, SAMA etc.) requirements & practices.
- Improve existing ISMS/BCMS practices and identify key operational measurements to use for process/procedure improvements and assist with the preparation of presentations and proposals and work on policy analysis for definition.
- Conduct ISO/IEC 27001, ISO 22301, NIST and SANS gap analysis, highlighting current state, future state, client needs, and best practices.
- Facilitate and document ISMS/BCMS process/procedure design workshops to meet standards
- Understand client needs and match them to relevant unit security requirements.
- Deliver training and awareness sessions for ISMS (ISO/IEC 27001, ISO 22301, NIST, PCI-DSS etc.)
- Develop, in coordination with the unit head, ISMS & BCMS RFPs and Technical Proposals
- Participate in Alnafitha ISMS toolkits design and development. Develop standards, templates, and procedures to aid in the development of the required work products.
- Business travel could be required up to 60-70% [covered by the company].
Computer Software Consulting Services Information Technology Services
- Bachelor’s degree in Computer Science, Security or equivalent.
- ISO/IEC 27001 & ISO 22301 Lead Auditor or Implementor (Must)
- CISSP or CISM (Must)
- CISA (Must)
- NIST Assessor (is a plus)
- 8-10 years of proven experience in Cyber Security consultation
- Demonstrated experience in information system compliance with government standards and industry best practices, including ISO 27001, NIST, PCI-DSS, SANS etc. (SAMA framework is a plus)
- Previous hands-on technical experience in networking, system administration and development
- Experience working across private and public sectors across EMEA – particularly in GCC.
- High sense of responsibility and ownership, acting like an owner in what you do.
- Exceptional communication and presentation skills
- Being able to work on their own or in a team
- Being able to work to tight deadlines
- Ability to maintain composure during stressful situations
- Handling many tasks & responsibilities
- Fluent in Arabic and English.
About this Company
Alnafitha International, founded in 1993 in Saudi Arabia, is a leading independent provider of IT services and solutions.
Alnafitha provides consistent processes and tools combined with the right skills at the right time and place. We design IT solutions that...