- An opportunity to be a part of one of Saudi Arabia's prestigious projects
- Establish an Information Security division from scratch
About Our Client
Our client is one of Saudi Arabia's most iconic mega-projects, and will be integral to Saudi's Vision 2030.
The Head of Information Security will be responsible for:
- Developing an Information Security Strategy for the division, and aligning strategy to Group level
- Implementation of Information Security systems
- Adoption of Group level Information Security and Data Privacy policies/regulations
- Promoting Information Security best practice across organisation
- Developing and continuously improving the Information Security Incident Response Plan which is in line with Group level policies
- Developing and maintaining a Cyber Risk Register
- Integrating Information Security into the software development life cycle
- Leading initiatives across the organisation to promote and raise awareness regarding Information Security, and associated best practices
- Linking Information Security with other divisions and departments (IT and non-IT), and enhancing communication between Information Security division and rest of organisation/Group
- Technical Specifications, RFPs, Tender Evaluations, Vendor Management, etc.
- Team leadership
The Successful Applicant
The successful candidate will be/have:
- At least a Bachelor's degree in Information Security or related fields
- 10+ years of experience in Information Security & Data Privacy roles
- Previous experience in implementing Information Security & Data Privacy Framework from scratch
- Exposure to security standards such as ISO/IEC 27001/2 and/or NIST and IEC 62443
- Knowledge of latest trends, technologies, regulations and developments in Information Security
- A willingness to work in a some-what unstructured 'start-up' environment which is agile and flexible
- A strong background in working within multi-stakeholder organisations
- Experience managing and dealing with vendors, consultants and service providers
- Managerial/leadership skills, and demonstrable experience in building Information Security teams
- Industry relevant certification such as ISO27001/2, IEC 62443, CISSP, CISA, CISM, etc.
- Experience in working for an 'asset-heavy' organisation, where physical assets (along with data) might be at risk from a cybersecurity perspective
What's on Offer
An attractive salary package and benefits are on offer for the successful candidate.