  • Posted 14 days ago
Job Description

JOB PURPOSE / ROLE:

  • To manage and operate SIMAH's cybersecurity technologies and controls, ensuring that all deployed security solutions, including SIEM, EDR, NDR, IAM, PAM, DLP, and DAM, are effectively configured, monitored, and fine-tuned to prevent, detect, and respond to cyber threats. The role serves as the technical enforcement arm of cybersecurity, ensuring that security controls operate reliably and align with SIMAH's cybersecurity strategy, regulatory obligations, and industry best practices.

AREAS OF RESPONSIBILITY:

Security Operations and Control Enforcement:

  • Oversee the day-to-day management, configuration, and continuous tuning of cybersecurity controls, including but not limited to: EDR, NDR, DLP, DAM, PAM, IAM, SAST/DAST, Qualys, Email Security Gateways, MFA Solutions, and SIEM and Log Correlation Platforms.
  • Ensure these solutions are effectively integrated, maintained, and aligned with threat detection and data protection objectives.
  • Lead the operational enforcement of cybersecurity controls as defined by the Cybersecurity Function and ensure compliance with SAMA CSF and NCA ECC.
  • Regularly review alert thresholds, correlation rules, signatures, and policies to minimize false positives and maximize detection efficacy.
  • Oversee the deployment and lifecycle management of security agents across all endpoints and systems.

Policies, Processes & Procedures

  • Follows all relevant functional policies, processes, standard operating procedures, and instructions so that work is carried out in a controlled and consistent manner.

Threat Monitoring, Incident Handling, and Response Support:

  • Investigate alerts and incidents in collaboration with the Cyber Defense (SOC) team, ensuring timely containment and remediation.
  • Maintain security baselines, signatures, and rule updates across all technologies to ensure optimal defense readiness.
  • Support the Cyber Defense function by providing system-level data, logs, and technical insights for deeper investigation.

Configuration, Hardening, and System Security Management

  • Periodically validate patch compliance and vulnerability closure status across infrastructure layers.
  • Conduct regular configuration reviews of firewall rules, network segmentation, and endpoint protection policies.
  • Implement least-privilege principles across user and service accounts, integrating with IAM and PAM controls.
  • Oversee encryption, key management, and secure configuration of critical infrastructure components.

Security Tool Administration and Continuous Optimization

  • Act as the primary administrator of cybersecurity technology platforms deployed within SIMAH's environment.
  • Ensure solution health, performance, and version updates are regularly maintained.
  • Perform continuous improvement and optimization of rule sets, policies, and detection logic based on emerging threats, incidents, and audit findings.
  • Coordinate with vendors for system upgrades, bug fixes, and performance enhancements.
  • Maintain integration and interoperability between solutions (e.g., SIEM, EDR, PAM, IAM, DLP).

Governance, Reporting, and Compliance Support

  • Provide evidence, reports, and control status updates to support regulatory compliance with SAMA CSF, NCA ECC, and PDPL.
  • Collaborate with the Cybersecurity GRC function to ensure all deployed controls are operating as designed and properly mapped to framework requirements.
  • Participate in internal and external audits, facilitating technical validation and corrective action implementation.

Continuous Improvement and Innovation

  • Recommend modernization or consolidation initiatives for improved cost-effectiveness and coverage.
  • Support pilot projects and PoCs for new cybersecurity solutions planned under SIMAH's Cybersecurity Function (e.g., XDR, AI-based analytics, SOAR integration).

People Management

  • Ensures subordinates have clear objectives, regular performance feedback sessions, formal annual appraisals, and individual development plans, with particular emphasis on the development of talented Saudi national staff.

Reporting

  • Assists in the preparation of timely and accurate SIMAH reports to meet company and department requirements, policies, and standards.

QUALIFICATIONS & EXPERIENCE:

Minimum Qualifications:

  • Bachelor's degree in Information Technology, Computer Science, Information Security, or a related field.
  • Professional certifications such as CISSP, CISM, GIAC GCIA/GCED are preferred.

Minimum Experience:

  • 6-8 years of relevant experience in IT security operations, system administration, and cybersecurity tool management.
  • Hands-on experience managing technologies such as EDR, SIEM, PAM, IAM, DLP, and DAM.
  • Familiarity with firewall management, endpoint protection, vulnerability remediation, and log correlation.
  • Strong understanding of SAMA CSF, NCA ECC, ISO 27001, and NIST 800-53 control requirements.

Language:

  • English: Advanced

SOFT SKILLS & TECHNICAL KNOWLEDGE AREAS:

  • Excellent knowledge of IT Security Operations
  • Advanced knowledge and understanding of information security and relevant tools and systems, such as Email Gateway, Network Scanning tools, Antivirus, Sandboxing Technologies, MFA, EDR, DLP, PAM, IAM, intrusion detection and prevention systems, vulnerability management systems, etc.

More Info

Job ID: 134318609