Head of IT Security

The Head of IT Security will be responsible for designing, implementing, and managing the security measures defined by the Cyber-Security Department to safeguard our cloud infrastructure, applications, and data.

Working closely with the Cyber-Security team, the candidate will develop and execute comprehensive security strategies, mitigate security risks, and ensure compliance with industry standards and regulations [covering SAMA Cyber Security Framework and the NCAA].

• Lead and mentor a diverse team of Security Engineers, fostering a collaborative and high-performance culture aligned with the bank’s goals.

• Provide technical guidance, promote continuous learning, and deliver training programs to enhance team members’ capabilities.

• Administer and maintain the Security Information and Event Management (SIEM) platform, ensuring systems are up to date and compliant.

• Lead and mentor a diverse team of Security Engineers, fostering a collaborative and high-performance culture aligned with the bank’s goals.

• Provide technical guidance, promote continuous learning, and deliver training programs to enhance team members’ capabilities.

• Administer and maintain the Security Information and Event Management (SIEM) platform, ensuring systems are up to date and compliant.

• Conduct security assessments and audits to identify and mitigate risks across infrastructure and applications.

• Implement and manage cloud security controls, including OS hardening, SIEM solutions, patch management, DLP, endpoint detection, security tagging, threat detection, cloud logging and monitoring, and cloud security tools.

• Resolve security observations identified by regulators, auditors, penetration tests, and internal cybersecurity teams.

• Implement threat detection tooling and monitor the security posture of all devices and servers.

• Ensure regulatory physical security tooling is implemented within the bank’s facilities.

• Implement Data Loss Prevention controls to maintain operations and meet RPO/RTO goals.

• Deploy and manage authentication and authorization tools covering Active Directory, Single Sign-On, security groups, permissions, and IAM.

• Participate in data center audits and reviews from a security perspective.

• Ensure vulnerability scanning services are implemented and maintained.

• Maintain awareness of major security threats and recommend improvements to security posture.

• Configure and manage VPNs to securely control application access.

• Enforce the principle of least privilege across the organization.

• Implement and manage web security policies, including URL filtering and threat protection.

• Monitor and respond to container security threats.

• Collaborate with cross-functional teams to design, implement, and maintain security solutions that align with business objectives and best practices.

• Participate in meetings with internal customers, negotiate expectations, and ensure alignment with security requirements.

• Collaborate with the cybersecurity team to enforce standards, implement controls, and meet regulatory requirements.

• Lead the team in resolving technical issues, outages, and performance bottlenecks.

• Manage manpower planning, set performance goals, and conduct evaluations for direct reports.

• Provide continuous coaching, feedback, and development opportunities to team members.

• Coordinate with other departments to ensure effective communication of security policies and awareness training.

• Oversee technical security configurations, patching, and system hardening.

• Monitor and manage security operations including SIEM alerts, intrusion detection, and endpoint protection.

• Coordinate vulnerability scanning, penetration testing, and remediation of identified weaknesses.

• Administer and monitor privileged accounts and technical access controls.

• Support incident response through containment, investigation, and recovery activities.

• Implement safeguards to meet regulatory and audit requirements.

• Provide technical security input for IT projects, upgrades, and integrations.

Qualification & Experience

• Bachelor’s degree in Computer Science, Information Technology or related field within Security

• At least 6 years’ experience administering and maintaining Security tools such as SIEM, EDR, Brand Protection, WAF, OS Security, Cloud security, Network Security, database security, application security, Active Directory and Container security technologies.

• Proven experience in leading technical teams

• At least 14 years of experience working with and administering both on-premises and SaaS security-related tools associated with the position.

• At least 6 years’ experience in managing technical teams

• Demonstrated expertise in the implementation, management, and maintenance of a variety of security tools and technologies, including but not limited to those listed in the job description.

• Experience with cloud security, including AWS, Azure, and Google Cloud Platform, as well as on-premises security solutions.

• Relevant certifications, such as CISSP, CISM, or similar, are a plus.

• Knowledge in tools like Zscaler and SentinelOne

• Banking Experience preferred

• Understanding of EndPoint Detection / Anit-virus tools

• Understanding of different cloud encryption method

• Knowledge of Oracle Vault, AWS KMS, and HSM solutions

Technical Skills:

• Good knowledge of technology regulatory requirements in the KSA and Middle East

• Excellent written and verbal communication skills, with the ability to communicate technical information to non-technical stakeholders.

• Strong understanding of security principles, protocols, and best practices.

• Proven ability to monitor and analyze security threats, triaging incidents and taking appropriate remediation measures to protect the organization.

• Strong problem-solving skills, with the ability to work independently and within a team.

• In depth technical knowledge and experience in the Technologies that are enablers of agile Digital Banks, including: public, private and hybrid cloud platforms and tools

• Must be experienced with operating systems like Windows, Linux, and UNIX