The Chief Information Security Officer (CISO) is responsible for the overall cybersecurity posture of the company and ensuring compliance with applicable cybersecurity laws and regulations, including the National Cybersecurity Authority (NCA) Essential Cybersecurity Controls (ECC) within the Kingdom of Saudi Arabia (KSA).
Ready to apply for roles like this?
Unlock the company name and direct application link. Subscribers get instant access to fresh jobs across Dubai, Abu Dhabi and Riyadh, many with visa support.
Unlock employer & apply directly
As the CISO, you will provide independent executive leadership and oversight across cybersecurity governance, risk management, and security operations. This role requires a pragmatic, business-oriented leader with strong expertise in cybersecurity, cloud security, and modern technology environments capable of identifying, managing, and reporting cybersecurity risks in alignment with the organization's regulatory expectations.
Responsibilities:
- Cybersecurity Governance & Leadership: Establish and maintain enterprise-wide cybersecurity governance in line with SAMA CSF and NCA ECC requirements. Advise executive management on cybersecurity risks, threats, and control effectiveness.
- Cybersecurity Risk Management & Compliance: Own and oversee the cybersecurity risk management framework. Ensure compliance with applicable regulations and industry good practices.
- Security Operations & Technology Oversight: Oversee cybersecurity operations including monitoring, detection, and incident response.
- Incident Management & Cyber Resilience: Ensure effective incident response and cyber crisis management.
- Third-Party & Outsourcing Cybersecurity: Manage third-party cybersecurity risks to ensure compliance of vendors with regulatory and contractual obligations.
- People, Culture & Capability: Promote cybersecurity awareness and culture within the organization.
- Authority & Decision Rights: Define cybersecurity policies and standards and escalate risks to executive management.
Qualifications:
- Minimum Qualifications: A Bachelor’s degree in computer science, computer engineering, information technology, or a related field. 5+ years of relevant experience in security strategy, governance, and risk management. Familiarity with industry standards such as OWASP, ISO 27001, NIST, and SAMA/NCA frameworks.
- Preferred Qualifications: Proven executive leadership in cybersecurity governance and regulatory compliance. Certifications such as CISSP, CISM, CCSP, GIAC.
The company is committed to creating an inclusive environment where employees are valued for their skills and unique perspectives, striving to inspire creativity and enrich lives through innovative products. Join us in making a meaningful impact in a rapidly growing tech company.
