Establish Security Policies and Procedures:
- Develop and enforce IT security policies, standards, and procedures.
- Regularly review and update policies to address new threats and comply with evolving regulations.
- Implement best practices for data protection, access control, and network security.
Technical Security Operations:
- Manage day-to-day technical security operations, including monitoring, threat detection, and incident response.
- Manage security tools such as firewalls, intrusion detection systems, antivirus software, and encryption technologies.
- Lead the identification, assessment, and mitigation of security vulnerabilities and risks.
Incident Response and Management:
- Establish and maintain an incident response plan to effectively handle security breaches and cyber threats.
- Lead the response to security incidents, coordinating with internal teams and external partners as necessary.
- Conduct post-incident analyses and develop action plans to prevent future incidents.
Compliance and Risk Management:
- Ensure compliance with relevant legal, regulatory, and industry standards, such as SDAIA, NCA, ZATCA, and others.
- Conduct regular security audits, risk assessments, and vulnerability assessments.
- Manage data governance and ensure the integrity, confidentiality, and availability of information.
Security Awareness and Training:
- Develop and deliver security awareness programs and training to educate employees on security best practices.
- Foster a culture of security awareness throughout the organization.
- Regularly assess the effectiveness of training programs and make improvements as needed.
Technology Evaluation and Implementation:
- Evaluate and recommend security technologies, solutions, and vendors.
- Oversee the deployment, configuration, and management of security technologies.
- Stay up to date with emerging technologies and trends in cybersecurity to continuously improve the organization's defenses.
Skills
- +3-7 years' experience in cyber security role.
- Strong understanding of cybersecurity frameworks, risk management, and compliance requirements.
- Proven experience in establishing cybersecurity practices from scratch in an organization.
- Excellent problem-solving and analytical skills.
- Strong communication and interpersonal skills.