bayt.com
Job Description
Urgent need for well-known company in KSA/ Al Khobar for the following position:
- Chief information security officer
- Saudi Nationality
Job Purpose:
To integrate security policies and protection strategies with IT systems development and collaborate with key people within the business to create an IT security risk management programmed. This means working with senior management to make sure that IT security policies are deployed, revised, sustained and overseen effectively. Also to work on Cybersecurity Framework published by SAMA
Educational Qualifications:
- Bachelor’s degree or higher, computer since + CISSP, CRISC, CISM.
- Master degree in information and cyber security or related science.
For interested candidate please share your CV at the following email:
Skills
Responsibilities:
- Strategy Development: Develop and maintain the organization’s information security strategy, aligned with business goals and industry best practices.
- Risk Management: Identify, assess, and prioritize cybersecurity risks to the organization’s information assets, and develop risk mitigation plans and strategies.
- Security Architecture: Design, implement, and maintain a robust security architecture that provides defense in depth and encompasses network security, endpoint security, cloud security, identity and access management, and data protection.
- Policy and Compliance: Establish and enforce information security policies, standards, and procedures to ensure compliance with relevant regulations (e.g., GDPR, HIPAA, PCI DSS) and industry frameworks (e.g., NIST, ISO 27001).
- Incident Response: Develop and oversee incident response plans and procedures to effectively respond to and recover from cybersecurity incidents, including data breaches, malware infections, and denial-of-service attacks.
- Security Awareness: Promote a culture of security awareness and training among employees, contractors, and third-party vendors to ensure they understand their roles and responsibilities in protecting sensitive information.
- Vendor Management: Evaluate the security posture of third-party vendors and service providers, and establish security requirements and controls in vendor contracts and agreements.
- Security Operations: Oversee the day-to-day operations of the security team, including monitoring security events, investigating suspicious activities, and managing security incidents.
- Budget and Resource Management: Develop and manage the information security budget, and allocate resources effectively to support security initiatives and projects.
- Reporting and Communication: Provide regular updates and reports to executive leadership and the board of directors on the organization’s cybersecurity posture, including key metrics, vulnerabilities, and emerging threats.
>