Country Information Security Officer

About the Job:
The Chief Information Security Officer (CISO) for Saudi Arabia is a senior leadership position that requires a sophisticated blend of business insight and technical expertise in Information and Cyber Security (ICS). This role is critical in steering the strategic direction and operational management of ICS risks to safeguard the organisation’s assets, ensure compliance with regulatory frameworks, and reduce exposure to cyber threats.
The successful candidate will drive the adoption and full implementation of the ICS Risk Type Framework (RTF), aligning local practices with global standards to deliver consistent risk management outcomes. The role demands hands-on involvement in risk assessment, continuous monitoring, control validation, and risk mitigation activities, ensuring that the Saudi branch meets internal policies and external regulatory requirements while minimizing disruption to client services.
Through proactive leadership, the CISO will champion a culture of security awareness and accountability, conduct risk assessments, and implement robust controls to enhance the ICS posture in Saudi Arabia. The position necessitates a comprehensive understanding of market-specific regulatory environments, particularly directives issued by Saudi regulators such as SAMA and NCA.

Key Responsibilities:

• Provide leadership and direction on ICS risk management within the Saudi branch, fostering collaboration among stakeholders including CTOs, CIOs, security teams, and regulatory bodies.
• Champion the implementation and operationalization of the ICS Risk Framework.
• Conduct comprehensive risk assessments and maintain accurate risk profiles for strategic decision-making.
• Deliver insightful reports on ICS risk status, ensuring transparency and informed oversight.
• Lead incident response planning and drive security awareness initiatives.
• Maintain proactive engagement with local regulatory authorities and manage audit responses.

Qualifications:

• Bachelor’s degree or higher in Engineering, Computer Science, Information Technology, or equivalent discipline.
• Minimum of 7 to 8 years of experience in cybersecurity roles, preferably within the financial services industry.
• Strong technical knowledge of ICS and proven ability to communicate complex cybersecurity risks to diverse stakeholders.
• Experience in managing regulatory relationships and audit processes within Saudi Arabia preferred.

Language Requirements: Fluent in Arabic is preferred; proficiency in English is essential.

Work Conditions: On-site, Full-time

About the company:
The company is a leading international bank known for its commitment to making a positive difference for clients, communities, and employees. We promote a culture that values integrity, innovation, and inclusivity, providing a comprehensive benefits package to support the overall wellbeing of our employees.