Security Compliance Officer

Security Compliance Officer Banking Sector (Saudi Arabia)

Job Summary:

We are seeking a detail-oriented and experienced Security Compliance Officer to oversee and manage regulatory compliance activities for a major banking client in Saudi Arabia. The primary responsibility is to ensure full alignment with the Kingdoms cybersecurity regulations especially those issued by the Saudi Arabian Monetary Authority (SAMA) and the National Cybersecurity Authority (NCA). This role is critical to maintaining the banks compliance posture supporting audits and driving remediation efforts across security operations.

Key Responsibilities:

• Act as the primary compliance liaison between the banks security function and regulatory bodies such as SAMA and NCA.

• Monitor and interpret all applicable regulatory and cybersecurity requirements (e.g. SAMA Cybersecurity Framework NCA ECC NCA CSF) and ensure alignment across security operations.

• Maintain and regularly update the compliance control matrix ensuring that all controls are implemented monitored and documented.

• Coordinate internal compliance reviews audits and gap assessments to identify non-conformities or improvement areas.

• Support the development and periodic review of policies procedures and standards in line with regulatory updates and best practices.

• Track and report compliance status and risks to the Security Delivery Lead and bank stakeholders.

• Facilitate timely submission of mandatory reports audit evidence and self-assessments to SAMA or NCA.

• Assist in awareness and training sessions to educate technical and business stakeholders on compliance responsibilities.

• Work collaboratively with engineering teams to ensure regulatory compliance is considered in solution designs and operational processes.

• Drive remediation plans and ensure timely closure of audit findings or compliance gaps.

Required Qualifications:

• Bachelors degree in Information Security Cybersecurity Risk Management or a related field.

• Minimum of 57 years of experience in cybersecurity or information security compliance preferably in the financial or banking sector.

• In-depth knowledge of SAMA Cybersecurity Framework NCA Essential Cybersecurity Controls (ECC) and other relevant KSA regulatory frameworks.

• Experience preparing for and responding to external audits and assessments.

• Strong documentation and report writing skills in English; Arabic language proficiency is an added advantage.

Desired Skills and Certifications:

• Professional certifications such as CRISC CISA ISO 27001 Lead Auditor/Implementer or CISSP.

• Familiarity with ISO 27001 NIST CSF and other international frameworks.

• Strong analytical and problem-solving skills with the ability to interpret complex regulatory texts.

• Effective communication and interpersonal skills with experience engaging senior stakeholders and auditors.

• Experience working with compliance tools or GRC platforms is a plus.

Working Conditions:

• Location: On-site at client premises in Saudi Arabia.

• Working Hours: Sunday to Thursday full-time.

• Must be available for internal and external audits including preparation and on-site support.

• Occasional travel within the Kingdom may be required.

• Must comply with client-specific background checks and clearance procedures.