×
Register Here to Apply for Jobs or Post Jobs. X

Senior Manager - Third Party Security

Job in Riyadh, Riyadh Region, Saudi Arabia
Listing for: Qiddiya | القدية
Full Time position
Listed on 2026-07-07
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security, IT Project Manager, IT Consultant
Salary/Wage Range or Industry Benchmark: 200000 - 300000 SAR Yearly SAR 200000.00 300000.00 YEAR
Job Description & How to Apply Below

Lead and manage Qiddiya's Third-Party Security Risk Management program to ensure vendors, partners, consultants, and service providers comply with cybersecurity requirements and do not introduce unacceptable risks to Qiddiya's information assets, systems, and operations. The role is responsible for establishing security assessment frameworks, overseeing vendor security reviews, and driving remediation of identified risks. This aligns with industry practices for cybersecurity risk management and third-party oversight.

Key Responsibilities
  • Develop and maintain the Third-Party Security Risk Management (TPSRM) framework.
  • Conduct cybersecurity due diligence and risk assessments for vendors and suppliers.
  • Review security requirements during procurement, RFP, and contract stages.
  • Assess cloud providers, SaaS platforms, managed service providers, and strategic partners.
  • Define vendor security controls aligned with NCA ECC, ISO 27001, NIST, and Qiddiya cybersecurity standards.
  • Establish vendor risk classification and assessment methodologies.
  • Monitor remediation plans and track closure of identified security gaps.
  • Collaborate with Procurement, Legal, Compliance, Enterprise Risk, and Technology teams.
  • Lead periodic reassessments of critical vendors.
  • Report third-party cyber risks, trends, and KPIs to senior management.
  • Manage external security audits, questionnaires, and assurance activities.
  • Lead and develop the Third-Party Security team.
Requirements
  • Bachelor's degree in Cybersecurity, Information Security, Computer Science, or related field
  • 8-12 years of cybersecurity experience.
  • Minimum 4 years in Third-Party Security, Vendor Risk Management, Cybersecurity Risk Management, or GRC.
  • Experience with in large enterprises, giga projects, banking, telecom, government, or critical infrastructure environments.
  • Experience managing teams and stakeholder engagement at senior levels.
#J-18808-Ljbffr
Position Requirements
10+ Years work experience
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)
0
200
Filters
Education Level
Experience Level (years)
Posted in last:
Salary