Chief Information Security Officer (CISO) (Saudi National)

We are hiring a CISO to join one of our enterprise clients to work closely with the stakeholders to ensure that cyber security meets objectives across our organization. Responsible for various tasks, including process re-engineering and documentation of activities related to this area.

CISO responsibilities include using their skills to detect insecure features and malicious activities within our Cloud and infrastructure. They will implement customized application security assessments for client-based asset risk, and corporate policy compliance as well as conduct vulnerability assessments.

Education:

• Degree in computer science with 5+ years of IS experience
  
• SANS / CCSP / CISA /CISM / CISSP certifications are preferable.
  

Nationality:

• Saudi Nationality Only.
  

Main Responsibilities:

• Perform Cyber Security management functions, including Cyber Security administration, operations, monitoring, and response;
  
• Ensure that detailed security standards and procedures are established, approved, and implemented;
  
• Advise and participate in procuring Cyber Security solutions to implement policies and standards;
  
• Ensure developments and implementations are being monitored with regards to confidentiality, integrity, and availability;
  
• Ensure the security of data from internal and external attacks;
  
• Ensure that appropriate access control methods and tools are in place for all systems;
  
• Ensure that methods for data encryption are available and used where appropriate;
  
• Provide guidance and support on Cyber Security practices to IT, operations, and end-user support staff to ensure that systems in use provide adequate Cyber Security;
  
• Assess the business needs versus the associated risk of all services permitted through the security devices;
  
• Ensure security logs are reviewed on a regular basis;
  
• Ensure regular Cyber Security Assessments and Penetration testing are conducted;
  
• Ensure security monitoring is adequately and efficiently conducted (SOC monitoring) so that timely responses/actions are carried out;
  
• Oversee the investigation of Cyber Security incidents;
  
• Gather and analyze threat intelligence from internal and external sources;
  
• Support other business functions entailing Cyber Security requirements;
  
• Ensure information and system classifications are in place;
  
• Ensure that Cyber Security requirements for significant projects are determined;
  
• Define and conduct the Cyber Security Awareness Programs
  
• Ensure appropriate and sufficient knowledge transfer takes place for staff and stakeholders;
  
• Ensure the KRIs and KPIs of Cyber Security Strategy; Cyber Security Policy and related processes; Cyber Security Standards and Procedures; and key Cyber Security improvements are defined and measured on a timely basis.
  
• Develop and maintain:
  
• Cyber Security Strategy;
  
• Cyber Security Policy and related process(es);
  
• Cyber Security Architecture; and
  
• Cyber Security Risk Management.
  
• Solid understanding of cloud security concepts and Zero Trust principles.
  
• Solid understanding of the DevSecOps model
  
• Hands-on experience in Risks assessment, Governance, and compliance.
  
• Well-versed and practical hands-on experience in managing Cloud-based Infrastructure security.
  
• Hands-on experience in MDM, EDR, DLP solutions, etc..