Head of Information Security

Saudi Arabia Permanent
  • An opportunity to be a part of one of Saudi Arabia's prestigious projects
  • Establish an Information Security division from scratch

About Our Client

Our client is one of Saudi Arabia's most iconic mega-projects, and will be integral to Saudi's Vision 2030.

Job Description

The Head of Information Security will be responsible for:

  • Developing an Information Security Strategy for the division, and aligning strategy to Group level
  • Implementation of Information Security systems
  • Adoption of Group level Information Security and Data Privacy policies/regulations
  • Promoting Information Security best practice across organisation
  • Developing and continuously improving the Information Security Incident Response Plan which is in line with Group level policies
  • Developing and maintaining a Cyber Risk Register
  • Integrating Information Security into the software development life cycle
  • Leading initiatives across the organisation to promote and raise awareness regarding Information Security, and associated best practices
  • Linking Information Security with other divisions and departments (IT and non-IT), and enhancing communication between Information Security division and rest of organisation/Group
  • Technical Specifications, RFPs, Tender Evaluations, Vendor Management, etc.
  • Team leadership

The Successful Applicant

The successful candidate will be/have:

  • At least a Bachelor's degree in Information Security or related fields
  • 10+ years of experience in Information Security & Data Privacy roles
  • Previous experience in implementing Information Security & Data Privacy Framework from scratch
  • Exposure to security standards such as ISO/IEC 27001/2 and/or NIST and IEC 62443
  • Knowledge of latest trends, technologies, regulations and developments in Information Security
  • A willingness to work in a some-what unstructured 'start-up' environment which is agile and flexible
  • A strong background in working within multi-stakeholder organisations
  • Experience managing and dealing with vendors, consultants and service providers
  • Managerial/leadership skills, and demonstrable experience in building Information Security teams
  • Industry relevant certification such as ISO27001/2, IEC 62443, CISSP, CISA, CISM, etc.
  • Experience in working for an 'asset-heavy' organisation, where physical assets (along with data) might be at risk from a cybersecurity perspective

What's on Offer

An attractive salary package and benefits are on offer for the successful candidate.

Contact
Aniket Deo
Quote job ref
JN-042021-2553724

Job summary

Sector
Sector
Location
Contract type
Consultant name
Aniket Deo
Job reference
JN-042021-2553724