Security Consulting Team Lead

Title: Cybersecurity Strategy and GRC SME

Location: Riyadh, Saudi Arabia
 

About Accenture

Accenture is a global professional services company with leading capabilities in digital, cloud and security. Combining unmatched experience and specialized skills across more than 40 industries, we offer Strategy and Consulting, Song, Technology and Operations services — all powered by the world’s largest network of Advanced Technology and Intelligent Operations centers. Our 738,000 people deliver on the promise of technology and human ingenuity every day, serving clients in more than 120 countries. We embrace the power of change to create value and shared success for our clients, people, shareholders, partners and communities. Visit us at www.accenture.com.

About Accenture Security

Join Accenture Security to pioneer security solutions that blend risk strategy, digital identity, cyber defense, application security and managed services. Using the coolest next-gen tech, you’ll have every chance to stay one step ahead of cybercrime and out-hack the hackers.    

Accenture Security provides comprehensive security services – from security strategy development, to business transformation, to managed security services – on demand and at a global scale to help mitigate risks and take full advantage of advanced technologies and proven risk management models. Our experienced team of global security professionals helps businesses understand their risks and build resilience from the inside out, giving them the confidence to focus on what matters most: innovation and business growth. 

Responsible for managing cybersecurity GRC and third-party security risks at the CLIENT with focusing on Cyber Risk management. 

Roles & Responsibilities:

• Develop the cybersecurity policies and procedures aligned with best practices and NCA
• Assess patterns of non-compliance with CLIENT’s cybersecurity policies and procedures to ensure improvements.
• Establish cybersecurity compliance processes and audits for services provided by third parties.
• Develop a risk management strategy for THE CLIENT.
• Design, implement and maintain a risk management program.
• Ensure the effectiveness of the security mechanism for the protection of THE CLIENT data, systems and networks.
• Oversee and assess THE CLIENT systems’ compliance with cybersecurity, resilience and dependability requirements.
• Identify the roles and responsibilities for execution of the Risk Management Framework.
• Update the risk register based on the risk assessment.
• Determine and record the supply chain risks for key systems.
• Develop and calculate KPIs to monitor the performance of the cybersecurity function.
• Evaluate products that are implemented in RAC to manage cybersecurity risks to ensure that they are authorized for use.
• Ensure the organization's cybersecurity requirements are considered when collaborating with third parties.
• Perform risk assessment when new applications / systems are introduced or when there are changes / upgrades to an application or system.
• Perform a cybersecurity risk assessment of THE CLIENT systems and information.
• Conduct cybersecurity risk assessment across the organization.
• Develop and monitor the implementation of the risk treatment plan.
• Develop and calculate KRIs to monitor the risks.
• Develop cybersecurity risk detection, prevention and mitigation plans according to THE CLIENT’s risk appetite.
• Educate interested third parties about cybersecurity threats and mitigation methods.
• Develop and perform third party cybersecurity compliance processes and audits.
• Ensure third parties’ compliance with privacy and data security requirements.
• Communicate cybersecurity risks, posture, and event / incident management reports to the stakeholders.

Knowledge:

• NIST CSF Framework.
• The principles of cybersecurity and privacy.
• Cybersecurity risk management processes and methods.
• Cybersecurity in supply chain risk management.
• Data classification standards and methodologies.
• Operational impact on an organization due to cybersecurity breaches.
• Relevant cybersecurity, ethics and privacy laws, regulations, and standards.

Qualifications:

• Bachelor’s degree in computer science, information systems, or related field.
• 6 - 8 years of experience in information security and risk management.
• Experience working with common information security standards, such as: ISO 27001/27002, ISO27005, ISO31000 NIST, etc.
• CISSP, CISM, CISA, CRISC, CGEIT, PMI-RMP, or equal certifications.

Why join us? 

• We offer a transparent, fast paced approach career progression, with a focus on your strengths and continuous coaching from senior colleagues
• You will benefit from working alongside Accenture experts who are solving some of the biggest industry challenges with innovative thinking and pioneering tools
• Flexible work arrangements and a range of benefits including competitive rewards
• You will have access to state-of-the-art technology that will give you the opportunity to deepen your existing skills even as you help create the latest business trends
• You will also have opportunities to make a difference to the communities in which we work and live 

Next Steps

If this sounds like the ideal role, career and company for you, click below to apply. 
To learn more about life @AccentureMiddleEast, follow us on social media and keep up with our latest news.
 

Accenture Middle East: LinkedIn, Instagram, Facebook, Twitter, YouTube

About Accenture

Accenture is a leading global professional services company that helps the world’s leading businesses, governments and other organizations build their digital core, optimize their operations, accelerate revenue growth and enhance citizen services—creating tangible value at speed and scale. We are a talent- and innovation-led company with 750,000 people serving clients in more than 120 countries. Technology is at the core of change today, and we are one of the world’s leaders in helping drive that change, with strong ecosystem relationships. We combine our strength in technology and leadership in cloud, data and AI with unmatched industry experience, functional expertise and global delivery capability. We are uniquely able to deliver tangible outcomes because of our broad range of services, solutions and assets across Strategy & Consulting, Technology, Operations, Industry X and Song. These capabilities, together with our culture of shared success and commitment to creating 360° value, enable us to help our clients reinvent and build trusted, lasting relationships. We measure our success by the 360° value we create for our clients, each other, our shareholders, partners and communities. Visit us atwww.accenture.com

Equal Employment Opportunity Statement

All employment decisions shall be made without regard to age, race, creed, color, religion, sex, national origin, ancestry, disability status, veteran status, sexual orientation, gender identity or expression, genetic information, marital status, citizenship status or any other basis as protected by federal, state, or local law.

Job candidates will not be obligated to disclose sealed or expunged records of conviction or arrest as part of the hiring process.

Accenture is committed to providing veteran employment opportunities to our service men and women.