GRC Consultant – SAMA CSF Implementation (4-Month Contract | Riyadh)

Company DescriptionLevelup Arab empowers businesses with innovative solutions and end-to-end support across multiple domains, including bookkeeping and financial services, custom software and website development, ERP implementation, cybersecurity services, and marketing and branding. We provide scalable cloud-based accounting, tailor-made business software, comprehensive ERP setups, advanced security solutions, and effective digital growth strategies. Our mission is to offer user-friendly digital solutions and ongoing support to businesses of all sizes.Position: GRC Consultant (3–5 Years’ Experience – SAMA CSF Implementation)We are looking for an experienced GRC professional with hands-on expertise in implementing the Saudi Central Bank’s Cybersecurity Framework (SAMA CSF), preferably within Fintech or financial institutions.Key Responsibilities:Conduct SAMA CSF gap assessments and develop detailed remediation and action plans.Implement cybersecurity and governance improvements to elevate maturity levels (e.g., from Level 2 to Level 3).Map SAMA CSF controls to framework domains and sub-controls, ensuring full alignment and compliance.Prepare comprehensive maturity assessment and compliance reports for management and regulatory bodies.Coordinate with business, IT, and cybersecurity teams to ensure governance mechanisms are established and maintained.Maintain evidence of compliance and support regulatory audits.Advise on risk management strategies, governance structures, and best practices to strengthen organizational resilience.Qualifications & Skills:Proven experience in Governance, Risk Management, and Compliance (GRC) functions.Strong background in SAMA CSF implementation and cybersecurity governance.Proficiency in conducting risk assessments, developing mitigation plans, and establishing control frameworks.Deep understanding of regulatory compliance and relevant standards.Excellent analytical, problem-solving, and documentation skills.Exceptional communication and stakeholder management abilities.Ability to work independently and collaboratively across departments.Bachelor’s degree in Business, Finance, Information Security, Law, or a related field.Experience in the Middle East region, especially KSA, is highly desirable.Professional certifications such as CISA, CISM, CRISC, ISO 27001 LA, or equivalent are advantageous.Engagement Details:Type: Temporary (4 Months)Location: On-site, Riyadh RegionAvailability: Immediate / Urgent RequirementDrop your CV on bilal.h@leveluparab.com