Information Security Manager Job Riyadh area,Riyadh Region Saudi Arabia,IT/Tech

Reporting to the General Manager, the Information Security Manager is responsible for developing, implementing, and maintaining the branch's information security strategy.
The role involves ensuring compliance with regulatory requirements (e.g., SAMA), managing cybersecurity risks, protecting critical systems and data, and overseeing incident response processes.
The candidate will also manage relationships with vendors, regulators, and internal departments to ensure the branch's information security framework aligns with business objectives and industry standards.

Key Responsibilities:

Strategic Planning & Compliance

Develop and implement the branch's information security policies, procedures, and strategies.
Ensure compliance with SAMA regulations and other applicable regulatory frameworks.
Conduct regular reviews of security policies to align with evolving threats and regulations.
Identify, analyze, and mitigate cybersecurity risks across all systems and operations.
Perform regular risk assessments and vulnerability testing to identify potential weaknesses.
Develop and maintain a robust incident response plan to address security breaches.

System Security & Operations

Oversee the implementation of security measures for critical systems such as SARIE and TANFEETH.
Monitor network activity to detect unauthorized access or suspicious behavior.
Manage firewalls, intrusion detection/prevention systems (IDS/IPS), endpoint protection, and encryption tools.
Collaborate with third-party vendors for procurement of security solutions (software/hardware).
Manage maintenance agreements for security tools and services.
Oversee the allocation of budgets for information security initiatives.
Work closely with internal departments to ensure secure system integration and data protection.
Act as a liaison between the branch, SAMA, auditors, and other regulatory bodies regarding information security matters.
Provide guidance to employees on best practices for cybersecurity awareness.
Design and execute cybersecurity drills to test the branch's readiness for potential attacks.
Lead post-incident investigations to identify root causes and implement corrective actions.
Conduct regular training sessions for staff on cybersecurity awareness and best practices.
Stay updated on emerging threats, vulnerabilities, and technologies in the field of information security.

Required Qualifications:

Bachelor's or Master's degree in Cybersecurity, Information Technology, Computer Science, or related fields.
Minimum 8 years of experience in information security management or related roles.
Experience in banking/financial services is highly desirable.
Professional certifications such as CISSP, CISM, CISA, CEH, or equivalent are preferred.
Familiarity with SARIE/TANFEETH systems is advantageous.
Knowledge of SAMA regulations related to cybersecurity is highly desirable.

Ideal Candidate Profile:

A seasoned professional with extensive experience in managing cybersecurity frameworks within financial institutions.
Strong understanding of regulatory frameworks (SAMA) governing information security in Saudi Arabia.
Proven ability to lead cross-functional teams during incident response scenarios while maintaining business continuity.
Technical expertise in areas such as network security, endpoint protection, encryption protocols, vulnerability management, and disaster recovery planning.
Holds relevant certifications (e.g., CISSP/CISM) that demonstrate advanced knowledge of information security principles.
Multilingual capabilities (English/Chinese) are an added advantage for communication with diverse stakeholders.

#J-18808-Ljbffr


Increase/decrease your Search Radius (miles)



Job Posting Language