Director - Tech Consulting - Cybersecurity - Threat Management & SOC

As the Data Privacy & Protection Leader, you will define and lead the strategy, delivery, and growth of data privacy, protection, and governance services across the region. You will advise boards, CISOs, and regulators on emerging privacy regulations and best practices, oversee the design and implementation of enterprise-wide data protection programs, and ensure that organizations can protect sensitive data while enabling digital transformation. This role combines executive leadership, regulatory expertise, practice development, and business growth.

Key Responsibilities:

• Define and execute the vision, strategy, and growth plan for Data Privacy & Protection services.
• Lead large-scale programs for data privacy, governance, and regulatory compliance (e.g., GDPR, PDPL, NDMO, CCPA, NCA, HIPAA, PCI DSS).
• Oversee the design and delivery of enterprise-wide data protection frameworks, including DLP, data classification, encryption, tokenization, and anonymization.
• Oversee data backup, recovery, and retention strategies.
• Advise boards and executive leadership on privacy risk, cross-border data transfers, third-party risk, and regulatory engagement.
• Drive development of privacy-by-design and security-by-design practices in digital transformation initiatives.
• Accountable for assigned accounts, client relationship management, account growth, revenue, timely project execution, invoice collection, and maintaining margins.
• Collaborate with cross-functional practices (Cloud, SOC, IAM, Risk Advisory) to deliver integrated privacy and protection solutions.
• Represent the firm as a thought leader in privacy and protection at conferences, industry groups, and regulatory forums.
• Mentor and lead a regional team of privacy, data protection, and security professionals.

Qualifications:

• 12–15+ years of progressive experience in data privacy, protection, or cybersecurity, with at least 6+ years in a leadership role.
• Demonstrated track record in leading large-scale data protection and privacy transformation programs.
• Strong knowledge of global and regional regulations, including GDPR, CCPA, PDPL, NDMO, NCA, HIPAA, PCI DSS, ISO 27701.
• Experience in implementing data protection solutions (DLP, encryption, key management, data discovery, and classification tools).
• Bachelor’s or master’s degree in law, Cybersecurity, Computer Science, or related field.
• Relevant certifications such as CIPP/E, CIPP/M, CIPM, CIPT, ISO 27701 Lead Implementer, CISSP, CISM.

Skills and Attributes:

• Visionary approach to data privacy, governance, and protection.
• Strong leadership with the ability to influence C-level executives, regulators, and industry bodies.
• Excellent communication skills to simplify complex regulatory and technical requirements.
• Proven ability to inspire, mentor, and grow multidisciplinary teams.

Location: Riyadh, Saudi Arabia (On-site)