Chief Information Security Officer - Cloud Security

About the Job:
The Chief Information Security Officer (CISO) is responsible for the overall cybersecurity posture of the organization and ensuring compliance with applicable cybersecurity laws, regulations, and regulatory frameworks, including the National Cybersecurity Authority (NCA) Essential Cybersecurity Controls (ECC) within the Kingdom of Saudi Arabia (KSA). The CISO will provide independent executive leadership and oversight across cybersecurity governance, risk management, and security operations, ensuring that risks are identified, managed, and reported in alignment with the organization's risk appetite and regulatory expectations. This role requires a pragmatic, business-oriented leader with expertise in cybersecurity, cloud security, and modern technology environments.

Responsibilities:

• Cybersecurity Governance & Leadership: Establish and maintain enterprise-wide cybersecurity governance, ensure clear ownership and accountability across functions, and advise executive management on cybersecurity risks and threats.
• Cybersecurity Risk Management & Compliance: Oversee the cybersecurity risk management framework and ensure continuous compliance with regulations and industry practices.
• Security Operations & Technology Oversight: Oversee cybersecurity operations including monitoring, detection, vulnerability management, identity access management, and incident response.
• Incident Management & Cyber Resilience: Ensure effective incident response and cyber crisis management, including alignment with business continuity and disaster recovery.
• Third-Party & Outsourcing Cybersecurity: Manage third-party cybersecurity risks and ensure compliance of vendors with regulatory obligations.
• People, Culture & Capability: Establish a compliant cybersecurity operating model, promote cybersecurity awareness, and develop national cybersecurity talent.

Qualifications:

• Minimum Qualifications:

  • Education: Bachelor’s degree in computer science, computer engineering, information technology, or a related field.
  • Experience: 5+ years in security strategy, cybersecurity governance, risk management, or related domains.
  • Knowledge of security frameworks: Familiarity with OWASP, SANS CWE Top 25, ISO 27001, PCI DSS, NIST, and SAMA/NCA frameworks.

• Preferred Qualifications:

  • Sound decision-making and crisis leadership.
  • Proven executive leadership in cybersecurity governance and compliance.
  • CISSP, CISM, CCSP, GIAC Certifications.

Language Requirements:
Not specified.

About the company:
Founded in 2012, the company's mission is to inspire creativity and enrich life, offering a suite of innovative products including TikTok, Lemon8, and CapCut. The company values diversity and inclusion, striving to create an environment that celebrates unique perspectives and fosters creativity.

Why Join the company:
Join a global, diverse team where together, we inspire creativity and enrich lives. Embrace the opportunity to grow in a rapidly evolving tech company and contribute to meaningful breakthroughs.