Job Title: Lead Information Security Officer
Sector: Financial Service
Location: Riyadh, Saudi Arabia
Reporting to: Regional Information Security Officer Director
We are currently representing a global financial services company, providing wealth management, investment banking, and asset management services to clients worldwide to a recruit a highly skilled and experienced Lead Information Security Officer to lead the information security initiatives in Saudi Arabia. The ideal candidate will have a deep understanding of cybersecurity frameworks, risk management, and regulatory compliance, with the ability to develop and implement robust security strategies.
Key Responsibilities:
- Leadership and Strategy: Develop and execute the information security strategy aligned with the company's global security framework and regional regulatory requirements. Lead a team of security professionals, fostering a culture of security awareness and excellence.
- Risk Management: Conduct risk assessments and vulnerability analyses to identify potential threats and implement mitigation strategies. Oversee incident response processes, ensuring timely identification and resolution of security incidents.
- Compliance: Ensure compliance with relevant regulations and industry standards, including SAMA guidelines and international frameworks (ISO 27001, NIST, etc.). Collaborate with internal and external auditors during compliance audits.
- Stakeholder Engagement: Act as the primary point of contact for all security-related matters, collaborating with various departments to promote best practices. Provide regular updates to senior management on security posture and risk management initiatives.
- Continuous Improvement: Stay updated on emerging threats and trends in cybersecurity, recommending enhancements to security policies and procedures. Lead training and awareness programs to educate employees about security risks and best practices.
Qualifications:
- Bachelor's degree in Information Technology, Cybersecurity, or a related field; Master's degree preferred.
- 8+ years of experience in information security, with a minimum of 3 years in a leadership role.
- Strong knowledge of information security principles, frameworks, and technologies.
- Proven experience in risk management and incident response.
- Relevant certifications (CISSP, CISM, CISA, etc.) are highly desirable.
- Excellent communication and interpersonal skills, with the ability to work collaboratively across teams.
- Fluency in Arabic and English is mandatory.
