Analyst, Information Security
Job Description Roles & Responsibilities The Information Security Analyst supports the Governance, Risk, and Compliance (GRC) function by assisting in the documentation, monitoring, and coordination of information security activities across the organization. The role contributes to maintaining a robust information security governance framework, supporting risk assessment processes, and helping ensure alignment with applicable regulatory requirements and industry standards (including SAMA, PDPL, ISO 27001, and PCI-DSS). Working under the guidance of senior GRC professionals, the role serves as a key operational contributor to the organization's overall information security program, awareness initiatives, and compliance monitoring efforts. Information Security Governance Tasks Assist in maintaining documentation related to the information security governance framework. Support efforts to ensure information security initiatives remain aligned with business objectives and regulatory requirements. Help in gathering and updating information related to legal and regulatory requirements affecting information security (e.g., GDPR, SAMA, ISO27001, PCI-DSS). Participate in identifying organisational drivers (technology, risk tolerance, business changes) and documenting their impact on information security. Assist in maintaining role and responsibility matrices for information security across the organisation. Support the preparation of internal and external communication materials related to information security governance. Information Risk Management Tasks Support the identification and documentation of information assets and their owners as part of asset classification activities. Assist in execution and documentation of basic information security risk assessments. Participate in business impact assessment (BIA) data collection activities. Support ongoing threat and vulnerability assessment activities by gathering data and preparing reports. Help in documenting existing controls and supporting the evaluation of their effectiveness. Assist in integrating risk and vulnerability data into lifecycle processes (e.g., procurement checks, project reviews). Assist in preparing risk reports and highlighting significant changes for review by senior staff. Information Security Program Development Tasks Assist in maintaining documentation supporting the information security program and strategy. Support tracking of cybersecurity activities, including SOC alerts and compliance monitoring. Help monitor adherence to cybersecurity policies, standards, and procedures. Assist in the investigation process for cybersecurity incidents by collecting logs or reports from relevant teams. Support threat intelligence gathering from internal and publicly available sources. Help coordinate cybersecurity reviews, audits, and assessments. Assist in maintaining information security awareness materials, training schedules, and communication plans. Support documentation and updates of standards, procedures, guidelines, and baselines. Assist in integrating information security requirements into procurement or project documentation. Help track program metrics (KPIs/KRIs) and prepare dashboards or reports. Generic: Support the maintenance of information security policies, standards, processes, and architecture documentation. Assist in information security initiatives across business and technology teams. Support establishing and monitoring compliance with information security policies, standards, and relevant regulations. Assist in performing information security reviews and preparing related reports. Support classification of information and systems and document security requirements for key projects. Assist in delivering information security awareness activities and materials. Help measure and track security-related KPIs and KRIs. Provide general administrative and analytical support to the GRC and Information Security teams. Desired Candidate Profile Bachelor's degree in Information Technology, Computer Science, Software Engineering, Cybersecurity, or a related field. Recent graduates and fresh university leavers are encouraged to apply No minimum professional experience required but 0-2 years in the Information Security domain specifically is a plus. Basic understanding of information security concepts, standards, and frameworks (e.g., ISO27001, NIST, SAMA CSF). Basic awareness of data protection regulations (PDPL) is a plus. Coursework, academic projects, or internships related to cybersecurity, risk management, or compliance are preferred. Company Industry BankingFinancial ServicesBroking Department / Functional Area IT Software Keywords AnalystInformation Security Get real-time job updates only on our App
Ready to apply?
You are viewing this role on JobSphere AI. Applications are completed on the original employer / source website.
Apply on original siteOpens the employer's site in a new tab
- Companytabby
- LocationRiyadh - Saudi Arabia
- CategoryCybersecurity
- SourceNaukrigulf
- Listed3 weeks ago
Related Cybersecurity jobs
SOC Engineer
Security Monitoring & Threat Detection • Administration, management, and Support deployment and tuning of OT security tools (Nozomi, Forescout). Monitor OT/ICS…
Priority Banking - Customer Service Representative
1. Client Relationship Management ▸ Resolve customer issues efficiently while ensuring first-contact resolution whenever possible. ▸ Manage customer complaints…
Secretary
Manage executive schedules, ensuring optimal time allocation for meetings, deadlines, and travel, to facilitate smooth operations. Prepare and edit…
Senior Full Stack Developer
We are seeking an experienced Full Stack Engineer with strong Java expertise and modern front-end capabilities to design, build and deliver scalable enterprise…