Manage and enhance the Bank’s vulnerability management program by identifying, assessing, prioritizing, and coordinating remediation of information security vulnerabilities. Ensure continuous monitoring, risk-based treatment, and compliance with SAMA Cybersecurity Framework, NCA ECC, and internal security policies to reduce technology and cyber risks.
Key Responsibilities
- Manage end-to-end vulnerability management activities, including scanning, assessment, prioritization, and remediation tracking.
- Oversee vulnerability scanning tools and ensure regular coverage across infrastructure, applications, databases, and endpoints.
- Analyze vulnerability findings, assess risk levels, and recommend mitigation plans aligned with risk appetite.
- Coordinate with IT, Application, Infrastructure, and SOC teams to ensure timely remediation and closure of vulnerabilities.
- Track remediation progress, report risk exposure, and escalate overdue or high-risk vulnerabilities.
- Support penetration testing activities and validate remediation of identified issues.
- Ensure compliance with SAMA Cybersecurity Framework, NCA Essential Cybersecurity Controls (ECC), and internal security standards.
- Prepare dashboards, metrics, and management reports on vulnerability posture and trends.