Cybersecurity Risk Analyst

We are looking for a dedicated Cybersecurity Risk Analyst to join one of our clients in KSA.You will drive their vulnerability management and risk assessment program. The ideal candidate will have a strong background in identifying, analyzing, and mitigating cybersecurity risks across all organizational assets, third parties, and systems. This role is essential for maintaining a proactive security posture and ensuring regulatory compliance.Key Responsibility:Risk Assessment and Analysis:Conduct comprehensive security risk assessments across the organization. This includes analyzing risks related to internal systems, departments, third-party vendors, and suppliers that interact with our digital assets.Prepare and update comprehensive risk reports that clearly classify risks (e.g., High, Medium, Low) and provide actionable recommendations for addressing or mitigating identified security risks.Vulnerability Management:Conduct and oversee vulnerability assessments (VAs) on systems and applications.Technically and practically analyze the results of vulnerability assessments to understand the true impact and likelihood of exploitation.Remediation and Monitoring:Monitor the implementation of remediation plans with relevant departments and system owners.Document the closure status of risks and follow up to identify gaps or risks that remain unresolved beyond the specified timeframe.Evaluate the effectiveness of current mitigation measures and submit recommendations for continuous improvement. Risk Governance and Reporting:Continuously update the corporate risk register, linking all identified risks to their respective mitigation plans and designated risk owners.Prepare regular reports and dashboards for management on the overall risk posture, vulnerability trends, and remediation progress.Required Qualifications and ExperienceExperience: 3+ years of experience dedicated to cybersecurity risk analysis and management or a related Governance, Risk, and Compliance (GRC) role.Technical Skills: Practical experience in performing and analyzing the results of Vulnerability Assessments (VAs) and conducting technical risk modeling.Frameworks: Strong knowledge of industry-standard security and risk frameworks (e.g., ISO 27001, NIST, OCTAVE, CIS).Location/Regional Experience: Practical experience operating within the Kingdom of Saudi Arabia (KSA) is required.Desired Certifications : CRISC , CISM (Certified Information Security Manager) , ISC2 CGRC , CompTIA Security+ or CompTIA CySA+ Language (Preferred): Arabic speaking preferredCompetenciesExceptional analytical and problem-solving skills with a keen attention to detail.Ability to work under pressure in time-sensitive incident response situations.Strong verbal and written communication skills for coordinating with various teams and producing clear, executive-level reports.High level of integrity and professional judgment in handling sensitive security information.