Head of Cybersecurity Demand Management Unit

JOB DETAILS:

JOB PURPOSE / ROLE:

To lead the demand management unit within Riyad Banks cybersecurity department ensuring that service requests are effectively prioritized coordinated and fulfilled in alignment with business needs. This role is responsible for stakeholder engagement operational efficiency and continuous improvement of cybersecurity service delivery.

AREAS OF RESPONSIBILITY:

Policies Processes & Procedures

Follow all relevant departmental policies processes standard operating procedures and instructions so that work is carried out in a controlled and consistent manner.

Ensure that team members are also aware of and compliant with both departmental and organizational policies and procedures.

Day-to-day operations

Follows the day-to-day operations related to own job to ensure continuity of work.

Management

• Coordinate and manage cybersecurity service requests efficiently across Riyad Bank to ensure timely fulfillment.
• Ensure adherence to Service Level Agreements (SLAs) and Operational Level Agreements (OLAs) by CISD to achieve consistent and high-quality service delivery.
• Develop and maintain the cybersecurity service catalog ensuring it is up-to-date and reflective of current capabilities and offerings.
• Monitor and analyze performance metrics to ensure service delivery aligns with the departments goals and objectives.
• Collaborate with other CISD departments and departments to resolve service delivery issues.
• Develop strategies to improve service management practices aiming for efficiency gains and reduced service downtime.
• Communicate effectively with stakeholders regarding service performance improvement initiatives and strategic alignment.
• Conduct regular reviews and assessments of service delivery processes to identify opportunities for improvement and innovation.
• Facilitate training and awareness programs for service request management to maintain high standards across the team.
• Manage and prioritize incoming service requests to ensure resources are allocated effectively and efficiently.
• Act as a liaison between cybersecurity teams and other business units to ensure understanding and transparency in service offerings.
• Lead efforts to adopt best practices and industry standards within the service management framework to improve overall service quality.
• Ensure compliance with regulatory requirements and internal policies related to service management and delivery.
• Oversee change management related processes within the cybersecurity domain ensuring alignment with organizational change management frameworks.
• Ensure all cybersecurity changes comply with change management policies regulatory requirements and security governance frameworks.
• Lead comprehensive change risk assessments for cybersecurity modifications evaluating potential security operational and business impacts.
• Facilitate training and awareness programs for change management specific to cybersecurity changes for technical teams and business stakeholders.
• Implement change management practices in response to service demands to ensure minimal disruption and seamless integration.
• Oversee change impact analyses to determine the potential benefits and risks associated with proposed changes.
• Facilitate post-implementation reviews to evaluate the effectiveness of changes and identify areas for further improvement.
• Develop strategies to manage change-related risks and ensure continuity of service delivery during transformation initiatives.
• Participate in the recruitment process related to their own unit.
• Access and Exceptional Requests Review
• Oversee management and review of user access rights and exceptional access requests to ensure they are appropriate justified and compliant with the existing policies of Riyad Bank.
• Lead periodic access reviews and approval workflows for exceptions.
• Manage review and documentation of access changes across Riyad Banks security and IT systems.
• Supervise access governance processes and compliance with regulatory requirements.
• Coordinate with Business Technology and other security units for access control implementation and monitoring.
• Report periodic access review outcomes and exception trends to the Section Lead.
• Escalate high-risk access anomalies or policy violations for further action.

Continuous Improvement

Contributes to the identification of opportunities for continuous improvement of processes and practices considering international best practice improvement of business processes cost reduction and productivity improvement environment.

Reporting

Assists in the preparation of a timely and accurate report of Riyad Bank to meet company and department requirements policies and standards.

Safety Quality & Environment

Complies with all relevant safety quality and environmental management procedures and controls to ensure a healthy and safe work environment.

People Management

• Ensures all staff have clear objectives regular performance feedback sessions formal annual appraisals and individual development plans with particular emphasis on the development of talented Saudi national staff.
• Ensures and facilitates the employment training and development of staff within the section.

Related Assignments

Performs other related duties or assignments as directed within the confinement of the departmental roles and responsibilities.

QUALIFICATIONS & EXPERIENCE:

Minimum Qualifications: Bachelors degree in Computer Science Information Technology or equivalent.

Minimum Experience: 68 years of experience in IT or cybersecurity service management with at least 2 years in a leadership or coordination role. 13 years experience within the financial sector.

Language: Proficiency in English is required

TECHNICAL KNOWLEDGE AREAS:

• Proficiency with IT service management (ITSM) platforms such as tracking service requests and changes.
• Understanding of change management methodologies and frameworks such as ITIL COBIT and their application in service delivery and change control.
• Knowledge of local regulation such as SAMA and NCA requirements towards financial sector entities.
• Knowledge of fundamental cybersecurity principles to effectively manage service requests and assess change impacts on security posture.
• Ability to design and utilize metrics to evaluate service delivery performance and change management effectiveness.
• Understanding of enterprise IT architecture to comprehend how changes impact different systems and services.
• Expertise in performing change impact analysis to predict potential disruptions and devise mitigation strategies.
• Proficiency in using collaboration platforms for effective stakeholder communication and coordination.
• Knowledge of industry best practices for service management and change control to ensure efficient process design and execution.

CORE COMPETENCIES:

• Communication Excellence (The knowledge skills and ability to listen to others and expresses oneself in a clear and effective manner that helps achieves the desired results.)
• Digital Orientation (The knowledge skills and ability to use digital technologies concepts and methodologies that solves problems innovate communicate and collaborate.)
• Service Excellence (The knowledge skills and ability to understand anticipate and responds proactively to the concerns and needs of internal and external customers acting required to address them.)
• Risk Orientation (The knowledge skills and ability to anticipate and manage the various types of risks that may adversely impact on the organization our customers our people and our shareholders.)
• Learning Agility (The knowledge skills and ability to rapidly understand new situations and new business problems in unpredictable business environments to perform successfully under new or first-time conditions.)
• Strategic Thinking (The knowledge skills and ability to look beyond the current situation develop and inspire commitment to a vision of success while supporting planning for and ensuring alignment with the organizations mission and values.)