
Our Culture:
At Zaintech we are proud of our culture and how it drives everything we do. We are looking for individuals who share our values and want to be part of a unique and engaging culture that revolves around collaboration and innovation. If you are looking for a role where you can drive engagement and excellence across teams through commitment and collaboration, and you are customer-centric and appreciate an organization with uncompromised integrity that focuses on employee engagement, then read on to learn more about how you can become part of the Zaintech family.
Our Code of Conduct:
At Zaintech we strictly adhere to our code of conduct, which is there to serve as a moral compass, offering a framework for responsible behaviours and enabling ethical choices that cultivate positive relationships and a better future. It also outlines policies, standards, and procedures for our global operations, promoting integrity and ethical excellence across the countries we engage with.
Every year, all employees are required to review, comprehend, confirm, and adhere to the code of conduct. Additionally, all newly hired employees are subject to the same as part of their onboarding process.
Role Summary
The Cybersecurity Operations Manager is responsible for the organisation’s 24 × 7 Security Operations Centre (SOC) in the Kingdom of Saudi Arabia. Reporting to the Cyber Security Manager (KSA)—with functional alignment to the Regional CISO and Cyber Governance Office—the role drives continuous improvement of SOC capabilities, communicates operational risk and performance metrics to senior leadership, and champions a culture of security across the enterprise.
In addition, the role provides high-level security guidance and approves architecture decisions to ensure all new solutions align with regional standards, zero-trust principles, and Saudi NCA ECC/CCC controls.
Duties and Responsibilities:
- Maintain a resilient 24 × 7 SOC that meets agreed service-level objectives for mean-time-to-detect (MTTD) and mean-time-to-respond (MTTR).
- Ensure full compliance with Saudi national cybersecurity regulations (NCA ECC/CCC) and other applicable legislation and standards (ISO 27001, PCI-DSS, etc.).
- Optimise cybersecurity budget and resources to balance risk reduction with business value.
- Develop and retain talent, building a high-performing cybersecurity-operations team with clearly defined career paths.
- Embed secure-by-design architecture governance, guaranteeing that material technology changes and projects pass security-design review and conform to the enterprise reference architecture.
Key Responsibilities
Responsibilities are grouped for clarity; operations remain the primary focus, with architecture covered in a dedicated secondary section.
Leadership & Strategy
- Lead the 24 × 7 SOC in KSA, ensuring effective monitoring, detection, triage, analysis, containment, eradication and recovery from cybersecurity incidents.
- Develop, communicate and periodically review SOC strategy, policies and procedures to align with organisational objectives and the cybersecurity strategy.
- Advocate cybersecurity topics with senior management, ensuring strategic goals include robust cyber-defence capabilities.
- Obtain and manage resources (people, technology, budget) to achieve strategic cybersecurity goals.
- Maintain knowledge of emerging threats, technologies and regulatory changes impacting the SOC.
Risk Governance & Compliance
- Ensure cybersecurity risks identified by SOC monitoring are logged, assessed and treated through the organisation’s risk-governance process.
- Track audit findings and recommendations, ensuring timely mitigation.
- Collaborate with stakeholders to integrate cybersecurity requirements into business continuity (BCP) and disaster-recovery (DR) programmes.
- Periodically review cybersecurity strategy, policies and related documents for compliance with Saudi NCA regulations, UAE IAS v2 (where relevant) and other applicable standards.
SOC Operations & Incident Response
- Direct daily SOC operations, validating that protection, detection and response capabilities are operating as designed.
- Coordinate cybersecurity inspections, tests, and red-team / purple-team exercises.
- Serve as escalation point and executive liaison during major incidents, ensuring effective communication with internal stakeholders and third parties.
- Oversee incident post-mortems, root-cause analysis and continuous-improvement actions.
- Ensure accurate, timely operational and management reporting (KPIs, KRIs, compliance dashboards, executive summaries).
Threat & Vulnerability Management
- Maintain robust vulnerability identification, prioritisation and remediation processes; track remediation metrics.
- Oversee threat-intelligence collection, analysis and operational use.
- Evaluate new technologies, tools and upgrades, approving cybersecurity capabilities before adoption.
- Ensure supply-chain and third-party cybersecurity risks are identified and managed, especially in mergers, acquisitions and outsourcing.
Security Architecture
- Conduct security-architecture gap assessments and maintain the cybersecurity reference architecture for on-prem, cloud, and OT environments.
- Contribute to the Cyber Security Steering committee, approving or rejecting architectural decisions for new systems, integrations and major cloud migrations.
- Define and maintain secure-configuration baselines (e.g., CIS) and champion infrastructure-as-code patterns that enforce them.
- Provide security input to procurement specifications and evaluate vendor architectures during RFPs.
- Translate business and regulatory requirements into technical security controls, ensuring alignment with zero-trust principles and regional governance standards.
Training, Awareness & Talent Management
- Ensure regular cybersecurity awareness and role-based training for all staff.
- Develop SOC-analyst competency frameworks and certification paths (e.g., GSEC, GCIA, GCIH, GCFE).
- Mentor, coach and evaluate team members; foster a culture of knowledge-sharing and continuous learning.
Requirements
1. Minimum Qualification and certifications
- Education: Bachelor’s in Computer Science, Information Security or related field (Master’s preferred).
- Experience: 8+ years in cybersecurity with at least 3 years managing SOC or security-operations teams; exposure to security-architecture or design-review boards is highly desirable.
- Certifications (preferred): CISSP, CISM, CCSP, GCIH, GCIA, TOGAF.
- Language: Fluent English and Arabic.
2. Skills and knowledge
Operations-focused knowledge remains unchanged (network security, incident response, risk, compliance, cloud, cryptography). Additional architecture-specific competencies include: secure-configuration management, security-design methodologies, enterprise architecture frameworks, security-design trade-off analysis, and evaluation of emerging technologies.
- Develop and maintain policies reflecting business and cybersecurity strategic objectives.
- Evaluate vendor solutions, negotiate agreements, and manage MSSP relationships.
- Lead multidisciplinary teams in a high-pressure, 24 × 7 environment.
- Design countermeasures to identified architectural security risks and translate operational needs into protection requirements.
