Main Responsibilities:
- Develop, implement, and maintain IT governance frameworks, policies, and procedures.
- Lead IT risk management, compliance, and audit activities, ensuring adherence to regulatory and organizational standards.
- Oversee IT quality management initiatives, including process improvement, documentation, and performance monitoring.
- Manage the cybersecurity program, including risk assessments, incident response, and security controls implementation, and act as the point of contact (POC) between IT and the cybersecurity department.
- Coordinate with internal and external auditors, regulators, and stakeholders on IT governance, quality, and cybersecurity matters.
- Monitor and report on IT governance, quality, and cybersecurity implementation KPIs to senior management.
- Promote a culture of continuous improvement and compliance within the IT organization.
- Advise on emerging risks, regulatory changes, and industry trends affecting IT governance and cybersecurity.
- Support IT projects and initiatives by ensuring governance, quality, and security requirements are integrated from inception to delivery.
- Partner with business units to align IT governance and security practices with organizational goals.
- Bachelor’s degree in Computer Science, Information Systems, Cybersecurity, or a related field.
- Relevant professional certifications (e.g., COBIT, ITIL, CISA, CISSP, ISO 27001 Lead Implementer) are preferred.
Experience & Skills
- 6+ years of experience in IT governance, risk management, quality management, or cybersecurity.
- Demonstrated experience in developing and implementing IT governance and cybersecurity frameworks.
- Strong knowledge of regulatory requirements, standards, and best practices (e.g., ISO 27001, NCA, SAMA, NIST).
- Excellent analytical, problem-solving, and communication skills.
- Ability to lead cross-functional teams and manage multiple priorities.
- Proficiency in English required; fluency in Arabic is preferred.
KPIs
- Timely development and review of IT governance and cybersecurity policies (e.g., annual review cycle).
- Compliance rate with internal and external IT audits.
- Reduction in IT risks and incidents through proactive controls and awareness programs.
- Resolution
What We Do
The National Energy Services Company (TARSHID) is a national company wholly owned by the Public Investment Fund (PIF). It set out in 2017 to be the leader in the national energy services sector, to contribute to “sustainability”, one of the main pillars of Saudi Vision 2030, and to invigorate a prosperous energy efficiency industry and support the Kingdom's circular carbon economy. TARSHID aspires to play a primary role in fostering the energy services sector by contributing to the strategic sustainability goals through the integration of energy efficiency, operational efficiency, and clean energy solutions. It aims to provide sustainable solutions that increase energy efficiency, reinforce the expansion of clean and renewable energy, propose smart infrastructure solutions for buildings and cities, amplify participation in the energy services sector market, and advocate for the localization of content. The company specializes in managing and financing projects for retrofitting buildings and facilities related to energy efficiency, providing measurement and verification services, tender management, and procurement services, in addition to supervising operations and maintenance activities across the life cycle of the retrofit project.








