IT GRC Manager
Get Noticed
- Make sure Ninja actually reads your resume
- Get AI-rewritten bullet points
- Download Gulf-ready CV
60 seconds. $3.99 one-time.
Welcome to Ninja, where we believe that we are shaping the future. At Ninja, we are passionate about creating user-friendly and visually stunning web applications that push the boundaries in design and innovation. We are looking for an experienced IT GRC Manager to enhance our Governance, Risk, and Compliance framework.
Key Responsibilities
• IPO & Regulatory Compliance: Lead IT compliance gap assessments against Saudi NCA ECC, PDPL, and CMA standards. Maintain IT controls evidence for IPO audits and collaborate with auditors, legal, and finance teams to ensure compliance and timely gap closure.
• Governance & Policy: Enforce IT policies across 150+ locations, manage IT risk register, and coordinate governance reviews with CIO and CISO to align policies with security and business goals.
• Risk Management: Conduct annual and ad-hoc IT risk assessments, set risk appetites, monitor vendor risks, and implement mitigation strategies to safeguard IT assets.
• Audit & Assurance: Oversee IT audits, prepare evidence, track findings, ensure timely remediation, and report progress to the CIO.Requirements
• 5+ years in IT GRC, audit, or security compliance, with preferred experience in IPO, M&A, or regulatory listings.
• Strong knowledge of Saudi NCA ECC and PDPL compliance.
• Experience with cloud platforms (AWS, GCP) from a controls and compliance perspective.
• Skilled in managing IT governance across multi-site or multi-country environments.
• Certifications such as CISA (preferred), CRISC, or ISO 27001 Lead Auditor/Implementer required.
• Familiar with frameworks including ISO 27001, NIST CSF, COBIT, and SOC 2.
• Excellent report-writing skills and fluency in Arabic and English.
Certifications (minimum of one required):
• CISA — preferred
• CRISC
• ISO 27001 Lead Auditor or Implementer
Skills:
• In-depth understanding of ISO 27001, NIST CSF, COBIT, and SOC 2 frameworks
• Capability to convert regulatory requirements into effective IT controls
• Exceptional written communication skills — reports will be submitted to the CIO, CISO, and Board members
• Fluency in both Arabic and English is mandatory
Requirements
- •5+ years in IT GRC, audit, or security compliance
- •Preferred experience in IPO, M&A, or regulatory listings
- •Strong knowledge of Saudi NCA ECC and PDPL compliance
- •Experience with cloud platforms (AWS, GCP) from a controls and compliance perspective
- •Skilled in managing IT governance across multi-site or multi-country environments
- •Certifications such as CISA (preferred), CRISC, or ISO 27001 Lead Auditor/Implementer required
- •Familiar with frameworks including ISO 27001, NIST CSF, COBIT, and SOC 2
- •Excellent report-writing skills and fluency in Arabic and English
Responsibilities
- •Lead IT compliance gap assessments against Saudi NCA ECC, PDPL, and CMA standards
- •Maintain IT controls evidence for IPO audits
- •Collaborate with auditors, legal, and finance teams
- •Enforce IT policies across 150+ locations
- •Manage IT risk register
- •Coordinate governance reviews with CIO and CISO
- •Conduct annual and ad-hoc IT risk assessments
- •Oversee IT audits, prepare evidence, track findings, ensure timely remediation
Related Jobs
Browse Similar
- Make sure Ninja actually reads your resume
- Get AI-rewritten bullet points
- Download Gulf-ready CV
60 seconds. $3.99 one-time.
Ninja offers comprehensive human resources and payroll management software. Their platform is designed to streamline operations for businesses operating within Saudi Arabia.
Visit WebsiteView all jobs