Role Purpose:
Responsible for managing the bank’s threat management operations, including detection, analysis, response, and reporting of cybersecurity threats and vulnerabilities.
This role ensures proactive identification and mitigation of potential risks to protect BAJ’s information assets, systems, and data from cyberattacks, while maintaining compliance with SAMA and internal security frameworks.
Core Responsibilities:
- Lead the Threat Management function, overseeing threat intelligence, detection, incident analysis, and remediation activities.
- Manage Security Operations Center (SOC) outputs, ensuring timely triage, escalation, and resolution of detected threats.
- Oversee vulnerability management programs, including scanning, prioritization, and coordination of remediation with IT and business units.
- Develop and maintain threat intelligence capabilities, integrating internal and external intelligence feeds to strengthen proactive defense.
- Coordinate incident response activities, including root-cause analysis, containment, eradication, and lessons learned.
- Ensure effective use of security tools such as SIEM, EDR, and SOAR platforms, optimizing detection and response processes.
- Collaborate with cybersecurity architecture and risk teams to ensure alignment of security controls with evolving threat landscapes.
- Prepare and present regular threat and risk reports to Information Security leadership and relevant governance committees.
- Ensure compliance with SAMA CSF, NCA ECC, ISO 27001, and other regulatory frameworks.
- Conduct security awareness sessions and tabletop exercises to improve readiness and response capabilities.
Qualifications / Requirements:
- Bachelor’s degree in Information Security, Computer Science, or related technical field (Master’s preferred).
- 5–8 years of experience in cybersecurity operations, threat intelligence, or incident response within the banking or financial industry.
- Strong understanding of threat detection tools and methodologies (SIEM, EDR, IDS/IPS, SOAR).
- Experience with vulnerability management, threat hunting, and malware analysis.
- Familiarity with frameworks such as MITRE ATT&CK, SAMA CSF, NIST, ISO 27035.
- Strong analytical, problem-solving, and communication skills.
- Relevant certifications preferred (e.g., CISM, CISSP, GCIH, CEH, CompTIA Security+).