Head of IT Security (Banking)

We are seeking an experienced Head of IT Security to lead and manage the company's technical security operations. This role is responsible for designing, implementing, and overseeing security controls to protect cloud and on-premise infrastructure, applications, and data, while ensuring full compliance with regulatory frameworks including SAMA Cyber Security Framework and NCA. The ideal candidate is a hands-on security leader with strong technical depth, proven team leadership experience, and solid exposure to regulated banking environments.

Key Responsibilities:

• Security Leadership & Governance:

  • Lead, mentor, and develop a team of Security Engineers.
  • Define security strategy and roadmap aligned with business objectives and regulatory requirements.
  • Manage manpower planning, performance evaluations, coaching, and continuous development of team members.
  • Collaborate closely with Cyber Security, IT, audit, and regulatory stakeholders.

• Security Operations & Incident Response:

  • Oversee day-to-day security operations including SIEM monitoring and intrusion detection.
  • Lead incident response activities including containment, investigation, remediation, and recovery.
  • Maintain continuous awareness of emerging threats and recommend improvements to security posture.

• Cloud & Infrastructure Security:

  • Implement and manage security controls across cloud, hybrid, and on-prem environments.
  • Secure cloud platforms including AWS, Azure, and GCP.

• Identity, Access & Data Protection:

  • Deploy and manage IAM solutions including Active Directory and SSO.
  • Administer privileged access and authentication mechanisms.

• Compliance, Risk & Audit:

  • Ensure compliance with SAMA, NCA, and regional regulatory requirements.
  • Conduct security assessments and audits.

• Security Tools & Technologies:

  • Administer and optimize security platforms such as SIEM, EDR, and VPN.

Qualifications & Experience:

• Bachelor’s degree in Computer Science, Information Technology, Cyber Security, or related field.
• 14+ years of experience in IT / Cyber Security environments.
• 6+ years of hands-on experience managing enterprise security tools.
• Strong experience across on-premise and SaaS security platforms.
• Experience with relevant tools such as Zscaler or SentinelOne.
• Relevant certifications such as CISSP or CISM are a plus.

Technical & Professional Skills:

• Strong understanding of security principles, protocols, and best practices.
• Excellent communication skills with the ability to explain technical concepts to non-technical stakeholders.
• Good understanding of KSA and Middle East regulatory security requirements.

Language Requirements: English proficiency is typically expected.

Location: Riyadh, Saudi Arabia
Work Conditions: On-site, Full-time