Head of Cybersecurity Strategy and Program Management Unit

Role Purpose

Lead the development and execution of Riyad Banks enterprise-wide cybersecurity strategy and manage all cybersecurity programs and projects. This role ensures cybersecurity initiatives are aligned with business priorities regulatory requirements and technology roadmaps while improving overall security maturity and risk management.

Key Responsibilities

Cybersecurity Strategy

• Develop maintain and enhance the enterprise cybersecurity strategy.
• Align cybersecurity goals with business and technology priorities.
• Conduct current-state assessments and define future-state roadmaps.
• Analyze emerging threats and technologies to guide strategic decisions.
• Present strategy updates and recommendations to senior leadership.
• Define and track cybersecurity KPIs and capabilitymaturity metrics.

Program & Project Management

• Oversee planning execution and governance of cybersecurity programs.
• Develop and manage budgets resource plans and annual forecasts.
• Ensure projects are delivered within scope budget and timelines.
• Standardize program management processes across the cybersecurity function.
• Monitor progress manage risks and escalate issues as needed.
• Conduct postimplementation reviews and drive continuous improvement.

Stakeholder Engagement

• Represent cybersecurity in internal/external committees and governance forums.
• Collaborate with business units IT and executive leadership to ensure alignment.
• Deliver reports dashboards and presentations to senior stakeholders.

Compliance Quality & Improvement

• Ensure alignment with regulatory frameworks (NCA ECC SAMA etc.).
• Identify and implement process improvements using global best practices.
• Adhere to safety quality and environmental standards.

Qualifications

• Masters degree in Cybersecurity IT Computer Science or related field.
• Professional certifications such as CISSP CISM or CISA preferred.
• 810 years of cybersecurity experience including 3 years in leadership.
• Proficiency in English.

Technical Skills

• Strong knowledge of ISO 27001 NIST CSF COBIT and ISMS.
• Familiarity with regulatory requirements (NCA SAMA).
• Understanding of emerging technologies (AI/ML cloud IoT blockchain).
• Experience with security tools (SIEM IAM DLP EDR).
• Strong budgeting planning and stakeholdermanagement skills.
• Ability to communicate technical concepts to nontechnical audiences.

Core Competencies

• Communication Excellence
• Digital Orientation
• Service Excellence
• Risk Orientation
• Stakeholder Management
• Building HighPerformance Teams