Title: Cybersecurity Risk Assessor – Risk & ComplianceLocation: Riyadh, Saudi ArabiaContract Duration: 1 year
We are seeking a highly experienced Cybersecurity Risk Assessor to support a major organization in conducting end-to-end cybersecurity risk assessments. This 1-year contract role plays a vital part in identifying, analyzing, and mitigating security risks across infrastructure, platforms, and third-party ecosystems.
About the Role:The Cybersecurity Risk Assessor will be responsible for evaluating threats and vulnerabilities across IT, OT, and digital systems, aligning with the organization’s risk management framework and national cybersecurity regulations. The role involves delivering formal risk reports, participating in vendor reviews, and embedding cybersecurity controls in new projects and contracts.
Key Responsibilities:Conduct cybersecurity risk assessments across infrastructure, digital platforms, and physical assetsIdentify internal and external threats, assess vulnerabilities, and determine their business impactDevelop actionable risk mitigation plans using technical, procedural, and administrative controlsEvaluate the cybersecurity posture of vendors, contractors, and partnersReview RFPs and contracts to ensure the inclusion of relevant cybersecurity controlsProvide detailed deliverables such as risk registers, risk reports, RFP reviews, and architecture security assessments (PPT, Word, PDF, Excel)Conduct workshops, training sessions, and knowledge transfer activities
Candidate Profile:10+ years of experience in cybersecurity risk assessments and baseline developmentIn-depth knowledge of cloud platforms, payment systems, security technologies, and containerization (e.g., Docker, Kubernetes)Strong familiarity with compliance standards including Saudi NCA regulations and international cybersecurity frameworksProven ability to engage stakeholders and present complex risk concepts clearlyStrong certifications in cybersecurity risk management or governance are highly desirable
If you're a risk-focused cybersecurity professional ready to contribute to high-impact initiatives in a regulated and dynamic environment, we’d love to hear from you.
