Qureos

Find The RightJob.

Head of IT Security

Date Posted:
13 February, 2026
Industry:
IT Services and IT Consulting
Location:
VAPORVM IT SERVICES DMCC

Job Description:

The Head of IT Security will be responsible for designing, implementing, and managing the security measures defined by the Cyber-Security Department to safeguard our cloud infrastructure, applications, and data.


Working closely with the Cyber-Security team, the candidate will develop and execute comprehensive security strategies, mitigate security risks, and ensure compliance with industry standards and regulations [covering SAMA Cyber Security Framework and the NCAA].


  • Lead and mentor a diverse team of Security Engineers, fostering a collaborative and high-performance culture aligned with the bank’s goals.
  • Provide technical guidance, promote continuous learning, and deliver training programs to enhance team members’ capabilities.
  • Administer and maintain the Security Information and Event Management (SIEM) platform, ensuring systems are up to date and compliant.

  • Lead and mentor a diverse team of Security Engineers, fostering a collaborative and high-performance culture aligned with the bank’s goals.
  • Provide technical guidance, promote continuous learning, and deliver training programs to enhance team members’ capabilities.
  • Administer and maintain the Security Information and Event Management (SIEM) platform, ensuring systems are up to date and compliant.
  • Conduct security assessments and audits to identify and mitigate risks across infrastructure and applications.
  • Implement and manage cloud security controls, including OS hardening, SIEM solutions, patch management, DLP, endpoint detection, security tagging, threat detection, cloud logging and monitoring, and cloud security tools.
  • Resolve security observations identified by regulators, auditors, penetration tests, and internal cybersecurity teams.
  • Implement threat detection tooling and monitor the security posture of all devices and servers.
  • Ensure regulatory physical security tooling is implemented within the bank’s facilities.
  • Implement Data Loss Prevention controls to maintain operations and meet RPO/RTO goals.
  • Deploy and manage authentication and authorization tools covering Active Directory, Single Sign-On, security groups, permissions, and IAM.
  • Participate in data center audits and reviews from a security perspective.
  • Ensure vulnerability scanning services are implemented and maintained.
  • Maintain awareness of major security threats and recommend improvements to security posture.
  • Configure and manage VPNs to securely control application access.
  • Enforce the principle of least privilege across the organization.
  • Implement and manage web security policies, including URL filtering and threat protection.
  • Monitor and respond to container security threats.
  • Collaborate with cross-functional teams to design, implement, and maintain security solutions that align with business objectives and best practices.
  • Participate in meetings with internal customers, negotiate expectations, and ensure alignment with security requirements.
  • Collaborate with the cybersecurity team to enforce standards, implement controls, and meet regulatory requirements.
  • Lead the team in resolving technical issues, outages, and performance bottlenecks.
  • Manage manpower planning, set performance goals, and conduct evaluations for direct reports.
  • Provide continuous coaching, feedback, and development opportunities to team members.
  • Coordinate with other departments to ensure effective communication of security policies and awareness training.
  • Oversee technical security configurations, patching, and system hardening.
  • Monitor and manage security operations including SIEM alerts, intrusion detection, and endpoint protection.
  • Coordinate vulnerability scanning, penetration testing, and remediation of identified weaknesses.
  • Administer and monitor privileged accounts and technical access controls.
  • Support incident response through containment, investigation, and recovery activities.
  • Implement safeguards to meet regulatory and audit requirements.
  • Provide technical security input for IT projects, upgrades, and integrations.

Qualification & Experience

  • Bachelor’s degree in Computer Science, Information Technology or related field within Security
  • At least 6 years’ experience administering and maintaining Security tools such as SIEM, EDR, Brand Protection, WAF, OS Security, Cloud security, Network Security, database security, application security, Active Directory and Container security technologies.
  • Proven experience in leading technical teams
  • At least 14 years of experience working with and administering both on-premises and SaaS security-related tools associated with the position.
  • At least 6 years’ experience in managing technical teams
  • Demonstrated expertise in the implementation, management, and maintenance of a variety of security tools and technologies, including but not limited to those listed in the job description.
  • Experience with cloud security, including AWS, Azure, and Google Cloud Platform, as well as on-premises security solutions.
  • Relevant certifications, such as CISSP, CISM, or similar, are a plus.
  • Knowledge in tools like Zscaler and SentinelOne
  • Banking Experience preferred
  • Understanding of EndPoint Detection / Anit-virus tools
  • Understanding of different cloud encryption method
  • Knowledge of Oracle Vault, AWS KMS, and HSM solutions

Technical Skills:

  • Good knowledge of technology regulatory requirements in the KSA and Middle East
  • Excellent written and verbal communication skills, with the ability to communicate technical information to non-technical stakeholders.
  • Strong understanding of security principles, protocols, and best practices.
  • Proven ability to monitor and analyze security threats, triaging incidents and taking appropriate remediation measures to protect the organization.
  • Strong problem-solving skills, with the ability to work independently and within a team.
  • In depth technical knowledge and experience in the Technologies that are enablers of agile Digital Banks, including: public, private and hybrid cloud platforms and tools
  • Must be experienced with operating systems like Windows, Linux, and UNIX

© 2026 Qureos. All rights reserved.