Country Information Security Officer (CISO), Saudi National

The Country Information Security Officer (CISO) for Saudi Arabia is a senior leadership position that blends business insight with technical expertise in Information and Cyber Security (ICS). This pivotal role involves steering the strategic direction and operational management of ICS risks to safeguard the organization’s assets, ensure compliance with regulatory frameworks, and reduce exposure to cyber threats.

Reporting directly to the Cluster CISO for MENAP and maintaining a matrix reporting relationship with the CEO and Head of Coverage for the Saudi Branch, the CISO will drive the adoption and implementation of the ICS Risk Type Framework (RTF), aligning local practices with global standards. The successful candidate will engage hands-on in risk assessments, continuous monitoring, control validation, and risk mitigation, ensuring compliance with internal policies and external regulations while minimizing disruption to client services.

Key Responsibilities:

• Provide authoritative leadership on ICS risk management within the Saudi branch, fostering collaboration with key stakeholders.
• Champion the implementation of the ICS Risk Framework, perform comprehensive risk assessments, and prioritize mitigation efforts.
• Validate the effectiveness of controls using qualitative and quantitative metrics and deliver insightful reports on ICS risk status to governance forums.
• Ensure integration of security requirements within technology planning and influence the development of security technology roadmaps.
• Lead risk treatment plans in coordination with business and technology functions, and manage cyber incident response planning and crisis management exercises.
• Promote a culture of risk accountability and continuous improvement through security awareness initiatives.

Qualifications:

• Bachelor’s degree or higher in Engineering, Computer Science, Information Technology, or equivalent discipline.
• 7 to 8 years of experience in cybersecurity roles, preferably in the financial services industry.
• Strong technical knowledge of ICS products and operational controls.
• Proven ability to communicate complex cybersecurity risks and strategies clearly to non-technical stakeholders.
• Experience in managing regulatory relationships and audit processes within Saudi Arabia and the MENAP region.
• Exceptional stakeholder management skills and ability to influence decisions across various organizational layers.
• Proficiency in MS Excel, PowerPoint, and Word.

Language Requirements: Not explicitly mentioned; proficiency in Arabic may be inferred for effective communication within the local context.

About the company:
The company is a leading international bank with over 170 years of experience, dedicated to making a positive difference for clients, communities, and employees. We are committed to fostering an inclusive environment that values integrity, innovation, collaboration, and diversity.

What We Offer:
We provide a comprehensive package that supports overall wellbeing, including retirement savings, medical and life insurance, generous leave policies, flexible working arrangements, robust wellbeing programs, and continuous learning and development opportunities.