Senior Manager Cybersecurity

Duties and Responsibilities

Strategic Oversight: Define and drive the overall cybersecurity strategy across GRC, Operations, and Data Protection functions. Ensure alignment between cybersecurity initiatives and business objectives.

Governance, Risk & Compliance (GRC): Oversee development and continuous improvement of cybersecurity policies and procedures aligned with NCA, ISO 27001, and NIST. Ensure enterprise-wide risk management practices, including risk assessments, risk registers, and treatment plans. Monitor compliance posture and report cybersecurity KPIs and risks to executive management.

Cybersecurity Operations: Oversee cybersecurity operations including SOC, incident response, vulnerability management, and threat intelligence. Ensure effective detection, response, and recovery capabilities (MTTD, MTTR). Direct handling of major incidents and ensure proper escalation and reporting to NCA.

Data Protection & Privacy (NDMO & PDPL): Ensure compliance with NDMO Data Governance and PDPL regulations. Oversee implementation of data classification, data protection, and data lifecycle management. Ensure mechanisms for consent management, Data Subject Rights (DSR), and data retention. Implement relevant policies.

Cross-Functional Integration: Ensure alignment and integration between GRC, Operations, and Data functions. Embed cybersecurity and data protection requirements into business processes, procurement, and digital initiatives. Secure by Design.

Third-Party & Supply Chain Security: Oversee third-party risk management ensuring vendor compliance with NCA and data protection regulations.

Audit & Assurance: Lead internal and external audits across cybersecurity and data protection domains. Ensure timely remediation of findings and compliance gaps.

Business Continuity & Resilience: Ensure cybersecurity strategies and controls are fully integrated with the organization’s Business Continuity Planning (BCP).

Leadership & Resource Management: Lead and manage the three cybersecurity managers in GRC, Operations, and Data. Ensure effective resource allocation, performance management, and team development.

Awareness & Culture: Govern organization-wide cybersecurity and data privacy awareness programs.

Bachelor’s degree in cybersecurity;
Master’s degree in Cybersecurity. 7+ years of experience in cybersecurity.

Deep knowledge of cybersecurity, data protection, and data governance regulations (NCA, NDMO, ISO, and PDPL). Expertise in Governance, Risk, and Compliance (GRC) methodologies. High-level decision-making and strategic thinking. Exceptional leadership and the ability to manage cross-functional teams under pressure. Proficiency in developing and managing Cybersecurity Incident Response Plans (CIRP). Strong expertise across GRC, Security Operations, and Data Privacy domains. Proven ability to lead multi-functional cybersecurity teams.

Strong understanding of incident response, secure architecture, and data protection controls. Ability to translate cybersecurity and data risks into business impact for executive leadership. Bilingual proficiency in Arabic and English.