Senior Manager - Third Party Security
Job in
Riyadh, Riyadh Region, Saudi Arabia
Listed on 2026-07-07
Listing for:
Qiddiya | القدية
Full Time
position Listed on 2026-07-07
Job specializations:
-
IT/Tech
Cybersecurity, Information Security, IT Project Manager, IT Consultant
Job Description & How to Apply Below
Lead and manage Qiddiya's Third-Party Security Risk Management program to ensure vendors, partners, consultants, and service providers comply with cybersecurity requirements and do not introduce unacceptable risks to Qiddiya's information assets, systems, and operations. The role is responsible for establishing security assessment frameworks, overseeing vendor security reviews, and driving remediation of identified risks. This aligns with industry practices for cybersecurity risk management and third-party oversight.
Key Responsibilities- Develop and maintain the Third-Party Security Risk Management (TPSRM) framework.
- Conduct cybersecurity due diligence and risk assessments for vendors and suppliers.
- Review security requirements during procurement, RFP, and contract stages.
- Assess cloud providers, SaaS platforms, managed service providers, and strategic partners.
- Define vendor security controls aligned with NCA ECC, ISO 27001, NIST, and Qiddiya cybersecurity standards.
- Establish vendor risk classification and assessment methodologies.
- Monitor remediation plans and track closure of identified security gaps.
- Collaborate with Procurement, Legal, Compliance, Enterprise Risk, and Technology teams.
- Lead periodic reassessments of critical vendors.
- Report third-party cyber risks, trends, and KPIs to senior management.
- Manage external security audits, questionnaires, and assurance activities.
- Lead and develop the Third-Party Security team.
- Bachelor's degree in Cybersecurity, Information Security, Computer Science, or related field
- 8-12 years of cybersecurity experience.
- Minimum 4 years in Third-Party Security, Vendor Risk Management, Cybersecurity Risk Management, or GRC.
- Experience with in large enterprises, giga projects, banking, telecom, government, or critical infrastructure environments.
- Experience managing teams and stakeholder engagement at senior levels.
Position Requirements
10+ Years
work experience
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
Search for further Jobs Here:
×