Job Title: Cyber Security Director (CISO)
Location: Riyadh, Saudi Arabia
Department: Information Technology / Cyber Security
Job Summary
We are seeking a highly experienced and strategic Cyber Security Director (Chief Information Security Officer CISO) to lead and oversee the organization's cyber and information security strategy. The role is responsible for establishing a robust security framework, ensuring regulatory compliance, managing cyber risk, and safeguarding the organization's information assets in alignment with Company's overall vision and mission.
Qualifications & Experience
- Bachelor's or Master's degree in Information Security, Cyber Security, Computer Science, IT, or a related field.
- Minimum 15 years of progressive experience in IT and Cyber Security, with at least 5+ years in a leadership role.
- Proven experience in developing and implementing enterprise-wide cyber security strategies.
- Strong knowledge of regulatory frameworks and standards (e.g., NCA, SAMA, ISO 27001, NIST, etc.).
- Experience in cyber risk management, incident response, governance, and compliance.
- Relevant certifications such as CISSP, CISM, CISA, CRISC, or equivalent are highly preferred.
Key Responsibilities
1. Managerial Responsibilities
- Contribute to the department's strategy in alignment with company's overall vision and mission.
- Develop departmental objectives, KPIs, and annual operational plans, ensuring execution meets defined targets.
- Contribute to the preparation of the department's annual budget and monitor financial performance.
- Implement and enforce departmental policies and procedures.
- Oversee overall departmental performance, ensuring KPIs are properly developed, cascaded, communicated, and monitored.
- Ensure effective staffing, workforce planning, professional development, and optimal deployment of team members.
2. Functional Responsibilities
- Develop, implement, and maintain the organization's cyber and information security strategy, architecture, policies, and risk management framework.
- Establish and maintain a comprehensive cyber-security framework, including forensic capabilities and end-to-end processes for threat detection, root cause analysis, response, and containment.
- Evaluate and recommend appropriate hardware and software solutions to protect information systems from unauthorized access and misuse.
- Ensure company maintains a robust cyber and information security framework aligned with defined maturity levels and regulatory requirements.
- Oversee the implementation and administration of security best practices, including cyber security governance and safe harbor processes.
- Establish, approve, and implement detailed security standards and procedures.
- Monitor emerging cyber security trends, threats, technologies, and services, recommending improvements and innovations.
- Ensure compliance with evolving laws, regulations, and industry standards.
- Lead the organization's cyber resilience strategy and incident response management.
- Perform any additional job-related duties as assigned by senior management.
