Country Information Security Officer, Saudi National

The Country Information Security Officer (CISO) for Saudi Arabia is a senior leadership position requiring a sophisticated blend of business insight and technical expertise in Information and Cyber Security (ICS). This role is critical in steering the strategic direction and operational management of ICS risks to safeguard the organisation’s assets, ensure compliance with regulatory frameworks, and reduce exposure to cyber threats. Reporting directly to the Cluster CISO for MENAP and maintaining a matrix reporting relationship with the CEO and Head of Coverage for the Saudi Branch, this role commands a comprehensive view of ICS across all business lines within the country.

The successful candidate will drive the adoption and full implementation of the ICS Risk Type Framework (RTF), aligning local practices with global standards to deliver consistent risk management outcomes. The role demands hands-on involvement in risk assessment, continuous monitoring, control validation, and risk mitigation activities, ensuring that the Saudi branch meets both internal policies and external regulatory requirements while minimising disruption to client services. This leader will cultivate strong relationships with internal stakeholders across technology, compliance, and business units, as well as with external partners including regulators and auditors.

Strategically, the CISO will develop and execute a detailed plan to enhance the ICS posture in Saudi Arabia by deploying control measures that address identified risks, leveraging both qualitative and quantitative data. The role includes oversight of digital footprint discovery, risk assessments, and embedding risk treatment plans that drive measurable improvements in ICS capabilities. Through proactive leadership, the incumbent will champion a culture of security awareness, accountability, and continuous enhancement to reinforce the resilience of the bank's operations against evolving cyber threats.

Business Leadership and Stakeholder Engagement

• Provide authoritative leadership and direction on ICS risk management within the Saudi branch, fostering collaboration and alignment among key stakeholders, including CTOs, CIOs, security teams, and regulatory bodies.
• Champion the implementation and operationalisation of the ICS Risk Framework, working closely with management teams to identify critical information assets, perform comprehensive risk assessments, and prioritise mitigation efforts.
• Utilise both qualitative insights and quantitative metrics to validate the effectiveness of controls, accelerate risk evaluation processes, and maintain accurate risk profiles that inform strategic decision-making.
• Deliver timely and insightful reports on ICS risk status, mitigation progress, and emerging threats to country and regional governance forums, ensuring transparency and informed oversight.
• Ensure seamless integration of security requirements within technology planning forums and influence the development of security technology roadmaps to address current and future risk landscapes.
• Lead the creation and execution of risk treatment plans in partnership with business and technology functions, balancing strategic priorities with operational constraints and navigating dependencies to achieve effective remediation.
• Coordinate cyber incident response planning and crisis management exercises, maintaining up-to-date playbooks, recovery strategies, and contingency measures to bolster organisational readiness.
• Drive security awareness initiatives targeted at senior leadership and staff, promoting a culture of risk accountability and resilience across the organisation.
• Manage responses to audit and regulatory inquiries pertaining to ICS strategies, controls, and compliance, ensuring timely and accurate resolution of issues.
• Maintain proactive engagement with local regulatory authorities, such as the Saudi Central Bank, to address submissions, advisory requests, and conduct assessments that align the organisation’s ICS posture with regulatory expectations.
• Support cross-functional ICS initiatives including those related to capital market entities within Saudi Arabia, enhancing cohesive security practices across business units.

The Chief Information Security Officer for Saudi Arabia will anchor the organisation's efforts to mitigate cyber and information risks while ensuring alignment with global and regional standards. The role mandates a comprehensive understanding of market-specific regulatory environments, particularly the directives issued by Saudi regulators such as SAMA and NCA, to maintain strong compliance and anticipate emerging policy shifts.

In addition to leading the deployment of the ICS Risk Type Framework, the successful candidate will assess potential vulnerabilities associated with the bank’s digital footprint and third-party relationships, implementing robust controls to protect data privacy and ensure operational continuity. The position necessitates an ability to synthesise complex technical, business, and risk data into actionable insights for executive leadership.

Ultimately, the role contributes significantly to safeguarding the bank’s reputation, supporting digital transformation securely, and fostering trust among customers, regulators, and partners by upholding rigorous cybersecurity standards.

Educational Background and Professional Experience

• Bachelor’s degree or higher in Engineering, Computer Science, Information Technology, or equivalent discipline.
• Minimum of 7 to 8 years’ experience in cybersecurity roles, preferably within the financial services industry, demonstrating progressive responsibility in managing ICS risks.
• Strong technical knowledge of ICS products and operational controls is highly advantageous.
• Proven ability to communicate complex cybersecurity risks and mitigation strategies clearly and effectively to non-technical business leaders and diverse stakeholders.
• Experience in managing regulatory relationships and audit processes, particularly within the Saudi Arabian and broader MENAP region, evidencing maturity and balanced judgement.
• Exceptional stakeholder management skills with an ability to influence decisions across various organisational layers, including senior leadership teams.
• Competent in delivering high-quality presentations and reports, with sound proficiency in MS Excel, PowerPoint, and Word.
• Self-motivated and capable of autonomously initiating and leading strategic programs and projects to successful completion.
• Strong analytical prowess, prioritisation skills, and decisiveness in high-pressure environments.
• Demonstrate grit, integrity, independence, and resilience while fostering a culture of security and continuous improvement.
• Established leadership qualities, with a history of managing complex global initiatives via influence rather than authority.
• Balance the ability to focus strategically while managing operational details to drive effective ICS risk management.

Standard Chartered is a leading international bank with a presence spanning over 170 years, known for combining agility with breadth of impact. We are dedicated to making a positive difference for our clients, communities, and employees. Our culture is founded on questioning convention, embracing challenges, and exploring new avenues for growth and improvement.

Joining Standard Chartered means becoming part of a purposeful organisation committed to driving commerce and prosperity through our rich diversity. Our core values and behaviours foster an inclusive and respectful environment where every individual’s unique talents are recognised and celebrated.

We uphold principles that prioritise integrity and client focus, encourage continuous innovation and improvement, and promote collaboration and inclusivity. Our teams thrive by embracing diversity and working together to build sustainable success, making Standard Chartered a workplace where everyone can feel empowered to contribute and realise their full potential.

Aligned with our Fair Pay Charter, we offer a comprehensive package designed to support your overall wellbeing including mental, physical, financial, and social health.

• Retirement savings, medical and life insurance are core benefits provided by the bank, with options for flexible and voluntary benefits tailored to local needs.
• Generous leave policies encompass annual leave, parental and maternity leave (up to 20 weeks), sabbatical opportunities (up to 12 months), and volunteering leave (3 days annually), alongside a minimum total of 30 combined annual and public holiday days to ensure work-life balance.
• Flexible working arrangements facilitate a balance between home and office environments, supporting different working patterns to accommodate individual circumstances.
• Robust wellbeing programs including access to Unmind – an industry leading digital wellbeing platform, resilience development courses, Employee Assistance Programmes, mental health first aider networks, and various self-help resources.
• Learning and development culture focussed on continuous growth through reskilling and upskilling, with access to diverse learning modalities including physical, virtual, and digital platforms.
• Diversity and inclusion are at the heart of our organisational ethos, creating an environment where everyone's individuality is acknowledged, respected, and leveraged for collective success.