56 Security Policies jobs in Riyadh

Career Opportunities with Avana Companies

A great place to work.

As a people-first organization, AVANA Companies is the sum of our team members. Our team is the heart of our organization, across all our brands.  Given everything they bring to the table, our goal is to enrich their lives as much as we enrich the lives of our clients and partners. At the end of the day, our passion is our people, and our purpose is to deliver Capital for a Better Tomorrow. As a united team, we passionately pursue that purpose – ultimately creating a lasting impression on our own lives and the lives of people around the world. We’re lucky that every day we get to collaborate and work together to accomplish that. It’s one of the many factors that make us a family of companies .

Want to learn more about how you can join our family? View our openings below and be sure to check back often, as our family is constantly growing!

Mission:
The Compliance Officer will ensure the financial transactions, business activities and general operations adhere to the principles of Shariah law, including compliance oversight, policy development, auditing and risk management, stakeholder communication and ethical advocacy.

Key Performance Indicators:
• The % of the organization's assets that comply with Sharia principles, including investments, financing activities, and other financial instruments that align with Islamic finance guidelines.
• The amount of time taken to obtain approval from authorities for new financial products, contracts, or business activities.
• Drafting, implementing and training of business operations procedures for new staff within 60 days of onboarding.
• The # of findings from compliance audits or assessments and the % time taken to remediate any issues identified.
• The accuracy and timeliness of regulatory reports submitted by the organization.

Responsibilities:
• Ensures that the organization complies with all relevant laws, regulations, and industry standards applicable to its operations including AML, KYC requirements
• Acts as primary liaison between the organization and regulatory authorities, industry associations, and other external stakeholders.
• Scrutinizes contracts, agreements, and business practices to ensure they are free from interest (riba), uncertainty (gharar), speculation (maisir), and unethical investments.
• Develops and implements policies and procedures that align with Shariah principles and regulatory requirements. This will involve creating guidelines for permissible investments, ethical business practices, and customer interactions that adhere to Islamic finance principles.
• Monitors the organization's activities to detect any violations of laws, regulations, or internal policies. Investigates potential breaches, documenting findings, and reporting them to senior management and regulatory authorities as required.
• Provides training and educational sessions to employees to ensure they understand Shariah compliance requirements and their implications for business operations.
• Audits and monitoring activities to assess the organization's compliance with Sharia principles. This involves reviewing financial records, conducting on-site inspections, and investigating any potential breaches of Sharia compliance.

Qualifications:
• Bachelor's degree in Business, Finance, or a related field. Master's degree preferred.
• Professional Certificate in Islamic Finance (PCIF) Certification
• Proven experience in a similar leadership role, with a track record of successfully implementing technology strategies.
• Strong technical compliance and lending knowledge and understanding of legal requirements, regulations and Sharia Lending practices
• Excellent leadership and management skills, with the ability to motivate and inspire a team.
• Strong business acumen and the ability to align technology initiatives with organizational goals.
• Exceptional problem-solving and decision-making skills, with a strong attention to detail.
• Excellent communication and interpersonal skills, with the ability to effectively collaborate and communicate with stakeholders at all levels.
• Proven ability to manage multiple projects and priorities in a fast-paced, dynamic environment.
• Strong strategic thinking and planning skills, with the ability to anticipate and mitigate potential risks and challenges.

Note: This job description is not intended to be all-inclusive. The Compliance Officer may be required to perform other related duties as requested by the management team.

We are seeking a highly skilled Chief Compliance Officer (CCO) to join our automotive dealership and distribution company. The ideal candidate will be responsible for overseeing and ensuring compliance with all regulatory requirements, internal policies, and industry standards. This role is pivotal in maintaining the integrity and reputation of our organization while fostering a culture of compliance across all levels. The CCO will report directly to the CEO and work closely with various departments to identify compliance risks and implement effective controls. The successful candidate will have a deep understanding of the automotive industry, regulatory frameworks, and best practices in compliance management.

• Develop, implement, and maintain a comprehensive compliance program that aligns with the company's strategic goals.
• Conduct regular compliance audits and assessments to identify areas of risk and ensure adherence to policies and regulations.
• Provide guidance and training to employees on compliance-related matters, fostering a culture of ethical behavior and accountability.
• Monitor changes in laws and regulations affecting the automotive industry and ensure the organization adapts accordingly.
• Collaborate with internal teams to develop and enforce compliance policies and procedures that mitigate risk.
• Serve as the primary point of contact for regulatory agencies and manage all communications related to compliance issues.
• Prepare and present compliance reports to the executive team and the board of directors, highlighting key risks and mitigation strategies.
• Investigate and resolve compliance-related issues and concerns in a timely and effective manner.
• Lead compliance-related projects and initiatives aimed at improving the overall compliance posture of the organization.
• Engage with external auditors and consultants to enhance the effectiveness of the compliance program.

• Proven experience in a compliance role within the automotive industry or a related field.
• Strong understanding of regulatory requirements and compliance frameworks applicable to automotive dealerships.
• Exceptional analytical skills with the ability to assess complex compliance issues and develop practical solutions.
• Excellent communication and interpersonal skills, capable of building relationships at all levels of the organization.
• Strong leadership skills with a track record of leading compliance teams and initiatives.
• Demonstrated ability to influence and drive change within an organization.
• High level of integrity and ethical standards, with a commitment to transparency and accountability.
• Ability to work under pressure and manage multiple priorities effectively.
• Advanced degree in law, business administration, or a related field is preferred.
• Professional certifications such as:
• Certified Compliance and Ethics Professional (CCEP)
• ISO 37301: Compliance Management System
• SAMA Regulatory Compliance Certification
• SMA (Saudi Market Authority) Compliance Certification
• Certified Risk and Compliance Management Professional (CRCMP) or equivalent.

• Regulatory Knowledge: A thorough understanding of local and international regulations affecting the automotive industry, ensuring compliance with all legal standards.
• Risk Management: Expertise in identifying, assessing, and mitigating compliance risks, enabling proactive management of potential issues.
• Communication Skills: Strong verbal and written communication abilities to effectively convey compliance policies and procedures to staff and stakeholders.
• Analytical Skills: Proficiency in data analysis and interpretation to evaluate compliance metrics and identify trends that inform decision-making.
• Leadership: Proven leadership capabilities to inspire and guide teams in fostering a culture of compliance throughout the organization.

Career Opportunities with Avana Companies

A great place to work.

As a people-first organization, AVANA Companies is the sum of our team members. Our team is the heart of our organization, across all our brands. Given everything they bring to the table, our goal is to enrich their lives as much as we enrich the lives of our clients and partners. At the end of the day, our passion is our people, and our purpose is to deliver Capital for a Better Tomorrow. As a united team, we passionately pursue that purpose – ultimately creating a lasting impression on our own lives and the lives of people around the world. We’re lucky that every day we get to collaborate and work together to accomplish that. It’s one of the many factors that make us a  family of companies .

Want to learn more about how you can join our family? View our openings below and be sure to check back often, as our family is constantly growing!

Mission:
The Compliance Officer will ensure the financial transactions, business activities and general operations adhere to the principles of Shariah law, including compliance oversight, policy development, auditing and risk management, stakeholder communication and ethical advocacy.

Key Performance Indicators:
• The % of the organization's assets that comply with Sharia principles, including investments, financing activities, and other financial instruments that align with Islamic finance guidelines.
• The amount of time taken to obtain approval from authorities for new financial products, contracts, or business activities.
• Drafting, implementing and training of business operations procedures for new staff within 60 days of onboarding.
• The # of findings from compliance audits or assessments and the % time taken to remediate any issues identified.
• The accuracy and timeliness of regulatory reports submitted by the organization.

Responsibilities:
• Ensures that the organization complies with all relevant laws, regulations, and industry standards applicable to its operations including AML, KYC requirements
• Acts as primary liaison between the organization and regulatory authorities, industry associations, and other external stakeholders.
• Scrutinizes contracts, agreements, and business practices to ensure they are free from interest (riba), uncertainty (gharar), speculation (maisir), and unethical investments.
• Develops and implements policies and procedures that align with Shariah principles and regulatory requirements. This will involve creating guidelines for permissible investments, ethical business practices, and customer interactions that adhere to Islamic finance principles.
• Monitors the organization's activities to detect any violations of laws, regulations, or internal policies. Investigates potential breaches, documenting findings, and reporting them to senior management and regulatory authorities as required.
• Provides training and educational sessions to employees to ensure they understand Shariah compliance requirements and their implications for business operations.
• Audits and monitoring activities to assess the organization's compliance with Sharia principles. This involves reviewing financial records, conducting on-site inspections, and investigating any potential breaches of Sharia compliance.

Qualifications:
• Bachelor's degree in Business, Finance, or a related field. Master's degree preferred.
• Professional Certificate in Islamic Finance (PCIF) Certification
• Proven experience in a similar leadership role, with a track record of successfully implementing technology strategies.
• Strong technical compliance and lending knowledge and understanding of legal requirements, regulations and Sharia Lending practices
• Excellent leadership and management skills, with the ability to motivate and inspire a team.
• Strong business acumen and the ability to align technology initiatives with organizational goals.
• Exceptional problem-solving and decision-making skills, with a strong attention to detail.
• Excellent communication and interpersonal skills, with the ability to effectively collaborate and communicate with stakeholders at all levels.
• Proven ability to manage multiple projects and priorities in a fast-paced, dynamic environment.
• Strong strategic thinking and planning skills, with the ability to anticipate and mitigate potential risks and challenges.

Note: This job description is not intended to be all-inclusive. The Compliance Officer may be required to perform other related duties as requested by the management team.

Maintain Cybersecurity Governance: To refresh and align cybersecurity governance with regulatory requirements and best practices.

Ensure Cybersecurity Risk Management: To identify and assess cybersecurity risks to improve security posture and reduce impact.

Uphold Cybersecurity Compliance: To assure cybersecurity compliance requirements are audited and remediated accordingly.

Improve Cybersecurity GRC Operations: To enhance various GRC assessments and activities and be more agile in a fast-paced enterprise

• Perform assessments based on NCA regulations (such as ECC and OSMACC) and the client standards.
• Track findings, communicate with internal stakeholders, and validate evidences.
• Support in internal audit activities.
• Support in external audit activities (ISO27001).
• Prepare weekly and monthly status report for compliance status.

• Perform risk assessments for new solutions and third parties, as well as major technology changes.
• Maintain risk register, follow up on mitigation plan with stakeholders and validate evidences.
• Represent cybersecurity in IT demand management and IT change management.
• Participate and develop Root Cause Analysis corrective actions resulting from Cybersecurity incidents.
• Prepare weekly and monthly status report.

• Review and update cybersecurity documentation such as standards and policies, as well as other documents part of cybersecurity governance framework.
• Develop new standards, processes, and procedures.
• Monitor cyber practices and operational KPIs.
• Create a governance review plan.

The candidate should be aware of the following frameworks

• NCA – ECC National Cybersecurity Authority - Essential Cybersecurity Controls – ECC–1:2018
• NCA – CCC National Cybersecurity Authority - Cloud Cybersecurity Controls –CCC–1:2020
• NCA – TCC TCC–1:2021
• NCA – OSMACC National Cybersecurity Authority – Organization’s Social Media Accounts Cybersecurity Controls –OSMACC–1:2021
• NCA – DCC National Cybersecurity Authority - Data Cybersecurity Controls – DCC–1:2022
• NDMO National Data Management Office Regulations and Standards
• ISO27001: 2022 ISO (International Organization for Standardization) 27001 SO/IEC 27001:2022 standard for Information Security Management Systems (ISMS)

Cybersecurity Governance & Compliance Officer "GRC"

• Maintain Cybersecurity Governance: refresh and align cybersecurity governance with regulatory requirements and best practices.
• Ensure Cybersecurity Risk Management: identify and assess cybersecurity risks to improve security posture and reduce impact.
• Uphold Cybersecurity Compliance: assure cybersecurity compliance requirements are audited and remediated accordingly.
• Improve Cybersecurity GRC Operations: enhance various GRC assessments and activities and be more agile in a fast-paced enterprise.

• 5 Years of Experience as a GRC
• The candidate should be aware of the following frameworks:

• NCA - ECC National Cybersecurity Authority - Essential Cybersecurity Controls - ECC-1:2018
• NCA - CCC National Cybersecurity Authority - Cloud Cybersecurity Controls - CCC-1:2020
• NCA - TCC TCC-1:2021
• NCA - OSMACC National Cybersecurity Authority - Organization's Social Media Accounts Cybersecurity Controls - OSMACC-1:2021
• NCA - DCC National Cybersecurity Authority - Data Cybersecurity Controls - DCC-1:2022
• NDMO National Data Management Office Regulations and Standards
• ISO27001: 2022 ISO (International Organization for Standardization) 27001 SO/IEC 27001:2022 standard for Information Security Management Systems (ISMS)

• Mid-Senior level

• Full-time

• Information Technology

• IT Services and IT Consulting

Maintain Cybersecurity Governance: To refresh and align cybersecurity governance with regulatory requirements and best practices.

Ensure Cybersecurity Risk Management: To identify and assess cybersecurity risks to improve security posture and reduce impact.

Uphold Cybersecurity Compliance: To assure cybersecurity compliance requirements are audited and remediated accordingly.

Improve Cybersecurity GRC Operations: To enhance various GRC assessments and activities and be more agile in a fast-paced enterprise

• Perform assessments based on NCA regulations (such as ECC and OSMACC) and the client standards.
• Track findings, communicate with internal stakeholders, and validate evidences.
• Support in internal audit activities.
• Support in external audit activities (ISO27001).
• Prepare weekly and monthly status report for compliance status.

• Perform risk assessments for new solutions and third parties, as well as major technology changes.
• Maintain risk register, follow up on mitigation plan with stakeholders and validate evidences.
• Represent cybersecurity in IT demand management and IT change management.
• Participate and develop Root Cause Analysis corrective actions resulting from Cybersecurity incidents.
• Prepare weekly and monthly status report.

• Review and update cybersecurity documentation such as standards and policies, as well as other documents part of cybersecurity governance framework.
• Develop new standards, processes, and procedures.
• Monitor cyber practices and operational KPIs.
• Create a governance review plan.

The candidate should be aware of the following frameworks

• NCA – ECC National Cybersecurity Authority - Essential Cybersecurity Controls – ECC–1:2018
• NCA – CCC National Cybersecurity Authority - Cloud Cybersecurity Controls –CCC–1:2020
• NCA – TCC TCC–1:2021
• NCA – OSMACC National Cybersecurity Authority – Organization’s Social Media Accounts Cybersecurity Controls –OSMACC–1:2021
• NCA – DCC National Cybersecurity Authority - Data Cybersecurity Controls – DCC–1:2022
• NDMO National Data Management Office Regulations and Standards
• ISO27001: 2022 ISO (International Organization for Standardization) 27001 SO/IEC 27001:2022 standard for Information Security Management Systems (ISMS)

We are looking for a virtual cybersecurity or compliance expert to guide our security posture, particularly as we move into regulated spaces like auto-financing. The role is ideal for someone with extensive regulatory familiarity and previous experience operating in a strategic advisory capacity.

• Lead compliance audits aligned with KSA regulations , especially SAMA frameworks
• Review and implement data security strategies across departments
• Support regulatory submissions and responses for fintech operations
• Oversee documentation and data protection practices
• Coordinate with product and legal teams to maintain standards

• Saudi national6+ years experience
• Deep understanding of SAMA regulatory requirements and KSA cybersecurity law
• Prior role as vCISO or senior security/compliance consultant
• Experience operating through or with an agency setup (ideal)
• Familiarity with ISO 27001, NIST, SOC 2 compliance standards
• Ability to lead cross-functional audit and compliance efforts across departments

We are looking for a virtual cybersecurity or compliance expert to guide our security posture, particularly as we move into regulated spaces like auto-financing. The role is ideal for someone with extensive regulatory familiarity and previous experience operating in a strategic advisory capacity.

• Lead compliance audits aligned with KSA regulations , especially SAMA frameworks
• Review and implement data security strategies across departments
• Support regulatory submissions and responses for fintech operations
• Oversee documentation and data protection practices
• Coordinate with product and legal teams to maintain standards

• Saudi national6+ years experience
• Deep understanding of SAMA regulatory requirements and KSA cybersecurity law
• Prior role as vCISO or senior security/compliance consultant
• Experience operating through or with an agency setup (ideal)
• Familiarity with ISO 27001, NIST, SOC 2 compliance standards
• Ability to lead cross-functional audit and compliance efforts across departments

• Opportunity to be part of a Global Asset Manager
• Strong Compensation Package

• Opportunity to be part of a Global Asset Manager
• Strong Compensation Package

• The duties and responsibilities of this position will include, but are not limited to the following:Develop and manage an effective compliance monitoring system for the company's financial investments to ensure compliance with all applicable Capital Market Authority and other laws and regulations.

• Manage an effective Anti-Money Laundering and Know Your Client on-boarding and on-going monitoring program.

• Make submissions to the CMA on all offerings in Saudi Arabia and liaise with the CMA in this regard.

• Carry out the Corporate Secretarial function in relation to all Board, committee and shareholder meetings.

• Provide advice to the Board and its Committees, the Chief Executive Officer and management with respect to compliance with:- Saudi Arabian law: e.g. company law, banking law, capital markets law, employment legislation, social security and health and safety legislation; the regulations, circulars and rules of the Capital Market Authority; Group's Code of Conduct.

• Make recommendations whenever necessary in order to ensure that Saudi Arabian laws and regulations are being complied with.

• Develop and maintain appropriate policies and procedures manuals that implement all applicable Saudi Arabian regulatory requirements.
• Conduct on-going training for all staff on the applicable laws and regulations and internal policies and procedures.
• Establish prompt mechanisms for reporting and resolving non-compliance with Saudi Arabian laws and regulations and supervisory requirements.
• Communicate material breaches of compliance to the appropriate levels of the management so as to ensure that they are adequately addressed and that the appropriate action is undertaken.
• Ensure CMA inspection reports and copies of all correspondence with the CMA are properly actioned.
• Compile and maintain a comprehensive database on the statutory records of the Saudi Arabia entity.
• Ensure that the Compliance Monitoring Program is strictly adhered to.
• Review the Capital Market Authority rule book and compliance requirements to ensure that Saudi Arabia entity satisfies all regulatory requirements. Alert the senior management and the directors of any new circulars from Saudi Arabian regulators or auditors etc.
• Ensure that the Saudi Arabia entity has an effective Business Continuity and Disaster Recovery Plan that meet with Group's criteria and the requirements of the CMA.
• Work with the Administration Department of the company, to ensure that they hold adequate insurance cover for all possible risks and that expert advice is obtained on a regular basis to ensure that the Saudi Arabia entity is not left at risk.
• Perform other tasks that could be assigned to you from time to time.

• 
  
  CME-2 certification and prior authorisation by the Capital Market Authority (CMA) as a Compliance Officer and/or MLRO.
• 
  
  Proven experience in compliance, AML, and corporate governance within a CMA-regulated financial institution .
• 
  
  Strong knowledge of CMA regulations and relevant Saudi Arabian laws (company, banking, capital markets, AML, employment, etc.).
• 
  
  Demonstrated ability to develop and implement compliance monitoring frameworks and AML/KYC programs.
• 
  
  Excellent relationship management skills with experience liaising directly with regulators and senior stakeholders.
• 
  
  High attention to detail, strong problem-solving skills, and the ability to make sound judgements on regulatory matters.
• 
  
  Strong communication skills in Arabic

• Opportunity to be part of a Global Asset Manager
• Strong Compensation Package