Cyber Security Lead
Location: Riyadh, Saudi Arabia (Onsite) Contract Duration: Initial 1 year contract subject to extension
Required Skills & Experience10–15 years of experience in Cyber Security with a strong background in secure SDLC, source code reading, and CI/CD pipeline security. Familiar with application security testing Mobile and Web and OWASP top 10Experience in Threat Modeling and vulnerability mitigation process Experience with WAF Cloud-flare/Akamai rules and configuration. Strong leadership and stakeholder management skills to align multiple teams (Cyber, IT, Cloud, and vendors) with tight deadlines Experience working in multi-vendor or consulting-led environments is highly preferred. Familiarity with Google APIGEE is a plus Relevant certifications (e.g., CISSP, CCSP, CSSLP, or Dev Sec Ops Professional) are an advantage. Familiarity with governmental or giga-project ecosystems (Qiddiya, NEOM, ROSHN, Red Sea Global, etc.) is a plus
Key Responsibilities Lead the integration of security practices and automation across CI/CD pipelines, enabling secure-by-design delivery. Define and enforce secure coding, vulnerability scanning, and secrets management policies across all digital products. Coordinate closely with Cyber Security, IT Security, and Cloud Security to align on controls, posture assessments, and audit readiness. Ensure that every release undergoes proper vulnerability validation, penetration testing, and compliance verification prior to deployment. Drive threat modeling, risk assessment, and remediation planning within product teams. Establish automated reporting and dashboards to track security posture, vulnerabilities, and compliance across the digital portfolio. Represent Digital Security in Design Authority (DA) and Change Advisory Board (CAB) meetings to ensure all security considerations are addressed in advance. Provide guidance and governance to vendor teams on adhering to adopted security standards and frameworks. Promote a culture of proactive security awareness and Dev Sec Ops adoption across all delivery squads.