Senior information and cyber security

Responsibilities:

• Plan and develop security measures to safeguard information against accidental or unauthorized modification, destruction, or disclosure.
• Report on the security posture of the organization based on the statistics and KPIs collected from Information security systems within the organization.
• Ensure the security policy is enforced on all employees by monitoring deviations.
• Proactively protect the integrity, confidentiality, and availability of information processed by and/or in the custody of the organization
• Prepare security status and statistics on a timely basis and present to the information security manager
• Conduct in-depth comprehensive security reviews of Network, system, application, and security tools configurations against established security standards (e.g., ISO 27001 Controls, NIST CSF, PCI DSS, NCA, and SAMA CSF).
• Develop and implement security policies, procedures, and guidelines.
• Proactively communicate security risks and best practices to stakeholders.
• Participate in GRC activities and contribute to the development of security artifacts.
• Design and implement effective risk assessment methodologies.
• Oversee the selection, implementation, and maintenance of GRC tools and technologies.
• Foster a culture of security awareness and compliance within the organization.
• Develop and implement a robust BCP that outlines mitigation strategies, recovery procedures, and communication plans for various disruption scenarios.
• Work collaboratively with department heads across the organization to ensure their teams are actively involved in BCP development and testing.
• Facilitate and oversee BCP testing exercises to assess the program's effectiveness and identify areas for improvement.
• Maintain and update the BCP to reflect changes in the organization's business environment, technology infrastructure, and regulatory landscape.
• Perform and maintain business impact analysis BIA.
• Lead the response and recovery efforts during incidents, ensuring timely and efficient execution of the BCP.

Requirements

• Bachelor's degree in Computer Science, Information Security, or related field.
• Minimum 4 years of experience in a cyber security role.
• Experience within financial services areas is preferred.
• Strong knowledge of Security Methodologies and Frameworks.
• Proven track record of successfully developing and implementing GRC programs.
• Deep understanding of relevant standards and frameworks (SAMA