الوظائف الحالية

Responsibilities:

• Supervise the implementation of Cybersecurity Strategy, Policies, Standards, and Processes.
• Periodically review and update cybersecurity operating model, ensuring its alignment with all relevant cybersecurity regulations and organizational changes.
• Periodically review and update cybersecurity policies, standards, and processes, ensuring their alignment with all relevant cybersecurity regulations and risk profile.
• Continuously review compliance with relevant cybersecurity regulations and contractual obligations, through periodic compliance reviews and compliance KPIs monitoring.
• Continuously review compliance with internal cybersecurity policies, standards, and processes, through periodic compliance reviews and compliance KPIs monitoring.
• Periodically update the compliance tracking tool and follow up with relevant stakeholders.
• Continuously review systems and services compliance with cybersecurity regulations and internal policies, standards, and processes, through periodic technical compliance reviews, such as configuration reviews, penetration tests, architecture reviews, etc.
• Conduct periodic entity-level cybersecurity risk assessments and maintain entity risk register.
• Conduct risk assessments, requirements identification, and acceptance testing when planning and releasing new services and systems.
• Conduct risk assessments, requirements identification, and acceptance testing when planning or deploying major changes to services/systems.
• Conduct risk assessments, requirements identification, and contract development support when planning the use of third parties.
• Continuously review third parties’ compliance with cybersecurity obligations included in contracts and advise team on proper corrective actions.
• Periodically measure strategic and operational KPIs and update the monitoring dashboard.
• Provide cybersecurity consultancy to different relevant stakeholders.
• Provide the needed support during internal cybersecurity audits, and external cybersecurity audits (i.e., NCA Audits, etc.).
• Implement the Cybersecurity Awareness Program.
• Ensure the integration of cybersecurity requirements into business processes.
• Follow up with risk owners on the implementation of risk treatment plans.
• Follow up on the closure of cybersecurity vulnerabilities as per agreed plans.

Qualifications:

• Bachelor’s or master’s in computer science, information security, or equivalent.
• Saudi Nationality.
• At least 5 years of experience in Cybersecurity including at least 3 years in GRC.
• Professional certifications such as Security+, CISM, ISO 27001 LI, GSEC, or equivalent.
• Good knowledge of cybersecurity regulations and standards, such as NCA ECC, ISO, and NIST.
• Good experience in developing and reviewing cybersecurity policies, standards, and processes.
• Good experience in conducting cybersecurity risk assessments.
• Excellent communication and presentation skills.
• Excellent experience in cybersecurity governance, risk, and compliance practices.