الوصف الوظيفي
The primary objective of the Cybersecurity Manager is to support RASAN in achieving its strategic objectives by developing, implementing, and continuously improving the Enterprise Risk Management (ERM) program in line with the international standards and best practices to reduce adverse effects of uncertainties, increase company’s resilience and recovery.The candidate will directly assess and holistically manage all aspects of enterprise risks brought to bear on the company by its business operations, digital initiatives, and legislative/regulatory compliance issues. The purview of this role includes risk as it manifests in the areas of technology, operations, and strategy. Main Responsibilities:Strategy & Planning:Develop, update, and communicate cybersecurity governance policies, frameworks and supporting procedures to promote the best practices, and ensure ongoing enhancement of RASAN’s cybersecurity program, and compliance with laws, regulations, and organizational requirements.Lead the implementation of all SAMA CSF controls.Lead the implementation of Information Security Management System (ISMS) in alignment with national and international standards (i.e., NCA ECC, and ISO 27001 across the company and subsidiaries).Work with the business units to facilitate cyber risk assessment and management processes.Perform cybersecurity risk assessment and security assurance (compliance/validation) in alignment with internal and external cybersecurity regulations.Perform Business Impact Analysis from a cybersecurity perspective to support the company’s overall business impact analysis.Provide recommendations to risk owners, maintain risk mitigation plans and cybersecurity countermeasures and monitor implementation to address risks.Understand and interact with related disciplines through committees to ensure the consistent application of cybersecurity mandates, policies and standards across all technology projects, systems, and services.Provide leadership to the company’s cybersecurity organization.Works closely with IT teams, business departments and third party as appropriate for any security related issues and security audit functions.Partner with business stakeholders across the company to raise awareness of cybersecurity threats, and concerns.Assist with the overall business technology planning, providing a current knowledge and future vision of cybersecurity.Oversee cybersecurity audits, whether by performed by the company or a third-party.
المهارات
Education:Bachelor’s Degree, Computer Science, or IT related.Certifications (CISSP, CRISC, CISA/CISM, CCNA, ISO 27001 LI/LA)Minimum of 6 to 8 years of experience in cybersecurity field including experience governance, risk management frameworks and methodologies, and compliance.Has managed various teams of technical specialists.Must have strong experience with ISO 27005 / ISO 31000Excellent knowledge/understanding of most of these standards: ISO 27001, ISO 22301, NIST SP 800 53, PCI DSS, ISO 20000, ITIL, , Saudi’s SAMA CSF, Saudi’s NCA ECC, other standards.Good experience in a variety of industries; but highly desired in FinTech and InsureTech.Ideal candidate will come from a well establish organization dealing with large scale projects.Knowledge & Experience:Specific knowledge of cybersecurity management principles and models.Deep knowledge of business management practices and principles.Proven experience in audit of legislative and/or regulatory compliance.Exemplary knowledge of legislation and regulations pertaining to the InsureTech and FinTech industry.Superlative understanding of the organization’s goals and objectives.Personal Attributes:Proven leadership and management skills.Highest levels of personal and professional integrity.Superior analytical and problem-solving abilities.Ability to effectively prioritize and execute tasks in a high-pressure environment.Proven experience in interfacing with executive teams, business management and external firms.Excellent written, oral, and interpersonal communication skills.Ability to conduct research into existing and emerging security and compliance issues as required.Keen attention to detail.Team-oriented and skilled in working within a collaborative environment.
تفاصيل الوظيفة
منطقة الوظيفة الرياض, المملكة العربية السعودية
قطاع الشركة خدمات تكنولوجيا المعلومات; الخدمات المالية
طبيعة عمل الشركة صاحب عمل (القطاع الخاص)
الدور الوظيفي تكنولوجيا المعلومات
نوع التوظيف دوام كامل
الراتب الشهري غير محدد
عدد الوظائف الشاغرة 1
https://www.bayt.com/ar/saudi-arabia/jobs/cyber-security-manager-4537129/
نسخة للطباعة 
ابلغ عن اعلان مخالف