This role is open to Saudi nationals only, in line with regulatory and Saudization requirements. This is a critical leadership role at the heart of a regulated financial services organization operating under SAMA oversight. You will own the information security agenda end-to-end, shape the cyber security strategy, and act as the key interface with regulators, the Board, and senior leadership. If you’re looking for a role with real authority, regulatory visibility, and the chance to build and mature a security function, this is a rare opportunity.
Ready to apply for roles like this?
Unlock the company name and direct application link. Subscribers get instant access to fresh jobs across Dubai, Abu Dhabi and Riyadh, many with visa support.
Unlock employer & apply directly
Key Responsibilities:
-
Security Strategy & Governance:
- Own and execute the Information Security Strategy in alignment with the SAMA Cyber Security Framework (CSF).
- Lead the implementation, maintenance, and continuous improvement of SAMA CSF controls across the organization.
- Establish, maintain, and evolve information security policies, standards, and procedures.
-
Board, Regulator & Executive Engagement:
- Act as the primary cybersecurity liaison with SAMA and other relevant regulators.
- Provide regular updates to the Board and Information Security Committee on security posture, risks, incidents, and strategic initiatives.
-
Cyber Operations & Incident Management:
- Oversee day-to-day cyber security operations, including SOC monitoring and compliance.
- Lead the investigation, response, and recovery for security incidents.
-
Risk, Threat & Control Management:
- Deliver risk-based cyber security solutions across people, process, and technology.
- Conduct regular risk assessments, gap analyses, and maturity reviews.
-
Third-Party & Stakeholder Assurance:
- Lead security and cyber due-diligence with clients, partners, third parties, and regulators.
-
Security Culture & Awareness:
- Champion a security-first culture across the organization.
- Deliver engaging security awareness initiatives and training programs.
-
Data Protection & Privacy:
- Advocate for data privacy by design and ensure alignment with applicable data protection laws.
Requirements:
- Proven experience in SAMA-regulated financial institutions.
- Hands-on experience with the SAMA Cyber Security Framework.
- Strong background in senior information security or cyber security leadership roles.
- Experience with ISO 27001/27002 controls and leading audits.
- Strong understanding of enterprise IT environments, including network security and public cloud environments (AWS and/or OCI).
Benefits:
- Direct access to the Board and CEO.
- Regulatory visibility with SAMA.
- Authority to set strategy and build a lasting security legacy.
Language Requirements: Not explicitly mentioned. However, fluency in Arabic may be assumed for a role focused on Saudi nationals.
Work Conditions: Hybrid (partially remote and partially on-site). Full-time.
