Principal Consultant – Cybersecurity

Experience: years


  • Lead and deliver Cybersecurity engagements end to end; these vary with client requirements and may include various flavours of projects
  • Lead multiple senior consultants and consultants and meet client and stakeholder expectations
  • Understands international and local Cybersecurity regulations thoroughly (especially for the Kingdom of Saudi Arabia) to cater to various projects.
  • Participates in discovery workshops with other consultants and key stakeholders
  • Work efficiently with clients and manage client expectations
  • Work on proposals and help in building Cybersecurity team and business
  • Leads project presentation for client project team and other key stakeholders
  • Facilitates guidance and mentorship for senior consultants and consultants
  • Motivates internal team members for successful delivery of projects


  • Bachelor's or Master's degree in Information Technology (IT)/Cybersecurity or related courses
  • Has 10+ years of experience in security projects, assessments and/or security audits (Cybersecurity GRC aspects, Cybersecurity Strategy, Operating Model, Cybersecurity Architecture, IS risk assessments, Third Party Security Risk Assessments, ISMS/NIST Assessment, ISMS implementation, Security Configuration Review, Architecture Review, Controls Review etc.) (mandatory)
  • Has facilitated and led multiple Cybersecurity engagements in the past
  • Has handled clients in person and can manage projects at C-suite level
  • Excellent skillsets in consulting/advisory engagements (much preferred)
  • Strong knowledge in IT Audit/Assessments and/or Maturity Assessments
  • Strong knowledge of information security standards and guidelines such as ISO 27001/2, NIST, CIS, PCI DSS and SWIFT CSP and other international cybersecurity standards
  • Strong knowledge in Cybersecurity, IT risks, Business Continuity, Data Privacy and Data Protection
  • Understanding of local Cybersecurity and Data Privacy regulations such as SAMA, NCA, DGA, NDMO, CMA etc. (much preferred)
  • Has working experience in Data Privacy (PDPA, GDPR, KSA’s PDPL) and in Security Awareness and Training
  • Understanding of AI, Cloud Compute, Storage, Security and Virtualization best practices
  • Preferably has at least one of the following certifications: ISC2 CISSP, ISACA CISM, CISA or CRISC, SABSA
  • Relevant knowledge in PCI DSS, SWIFT, HITRUST and other industry security standards/guidelines

Good analytical, communication, interpersonal, and presentation skills (much preferred)