Head of Information Security

Saudi Arabia Permanent
  • An opportunity to be a part of one of Saudi Arabia's prestigious projects
  • Establish an Information Security division from scratch

About Our Client

Our client is one of Saudi Arabia's most iconic mega-projects, and will be integral to Saudi's Vision 2030.

Job Description

The Head of Information Security will be responsible for:

  • Developing an Information Security Strategy for the division, and aligning strategy to Group level
  • Implementation of Information Security systems
  • Adoption of Group level Information Security and Data Privacy policies/regulations
  • Promoting Information Security best practice across organisation
  • Developing and continuously improving the Information Security Incident Response Plan which is in line with Group level policies
  • Developing and maintaining a Cyber Risk Register
  • Integrating Information Security into the software development life cycle
  • Leading initiatives across the organisation to promote and raise awareness regarding Information Security, and associated best practices
  • Linking Information Security with other divisions and departments (IT and non-IT), and enhancing communication between Information Security division and rest of organisation/Group
  • Technical Specifications, RFPs, Tender Evaluations, Vendor Management, etc.
  • Team leadership

The Successful Applicant

The successful candidate will be/have:

  • At least a Bachelor's degree in Information Security or related fields
  • 10+ years of experience in Information Security & Data Privacy roles
  • Previous experience in implementing Information Security & Data Privacy Framework from scratch
  • Exposure to security standards such as ISO/IEC 27001/2 and/or NIST and IEC 62443
  • Knowledge of latest trends, technologies, regulations and developments in Information Security
  • A willingness to work in a some-what unstructured 'start-up' environment which is agile and flexible
  • A strong background in working within multi-stakeholder organisations
  • Experience managing and dealing with vendors, consultants and service providers
  • Managerial/leadership skills, and demonstrable experience in building Information Security teams
  • Industry relevant certification such as ISO27001/2, IEC 62443, CISSP, CISA, CISM, etc.
  • Experience in working for an 'asset-heavy' organisation, where physical assets (along with data) might be at risk from a cybersecurity perspective

What's on Offer

An attractive salary package and benefits are on offer for the successful candidate.

Aniket Deo
Quote job ref

Job summary

Contract type
Consultant name
Aniket Deo
Job reference