Position Overview
The Cybersecurity Compliance Analyst will work on Gap Analysis, evaluating and aligning the organization’s information security
practices with the Saudi Central Bank (SAMA) Cyber Security Framework. This
role involves assessing current security controls, identifying gaps,
recommending risk mitigation strategies, and ensuring ongoing compliance with
SAMA’s regulatory requirements. Candidates with knowledge of the National
Cybersecurity Authority (NCA) regulations in Saudi Arabia will be at an
advantage.
Key Responsibilities
1. Conduct
Comprehensive Gap Assessments
• Perform detailed
reviews of existing security policies, procedures, and technical controls.
• Map current
practices to the SAMA Cyber Security Framework and NCA regulations, documenting
any non-conformities or control gaps.
2. Develop Risk
Mitigation Strategies
• Collaborate with
cross-functional teams (IT, Legal, Compliance, Operations) to prioritize discovered
gaps.
• Propose remediation
plans with clear timelines and action items to address deficiencies.
3. Maintain
Regulatory Compliance
• Stay up to date on
changes and updates in the SAMA Cyber Security Framework and NCA regulations.
• Review and update
internal policies and standards to ensure continuous alignment with regulatory
requirements.
4. Reporting &
Stakeholder Communication
• Prepare compliance
reports and presentations for executive leadership and relevant committees.
• Communicate findings
and recommendations clearly to both technical and non-technical stakeholders.
5. Audit Readiness
& Support
• Coordinate with
internal and external audit teams to validate remedial actions and ensure
readiness for formal SAMA reviews.
• Provide evidence of
compliance, track audit findings, and follow up on corrective actions.
6. Continuous
Improvement
• Evaluate and
improve gap analysis methodologies and tools.
• Advocate best
practices for documentation, risk assessment, and compliance testing across the
organization.