Manager Cyber Security, Governance, Risk & Compliance

JOB PURPOSE : Assist and support all tasks related to Cyber Security, Governance, Risk & Compliance with the aim of achieving objectives under direct supervision to assist in accomplishing specific tasks.

MAIN ACCOUNTABILITIES:

• Participates in the formulation and implementation of the cybersecurity & GRC strategy to ensure the alignment with the Saudia strategy.
• Adopts cybersecurity policies, procedures, and processes to guarantee that all applicable legal and procedural requirements are met.
• Oversee the daily operations of cybersecurity by offering direction, promoting cooperation, and assisting with relevant professional work procedures to meet high-performance requirements.
• Oversee the implementation of cybersecurity operating procedures and make ongoing improvements to it.
• Offers technical know-how and guidance to carry out plans and guarantee that all cybersecurity and GRC staff receive the required support services in an efficient manner.
• Creates policies, plans, and guidelines within the organization to aid in the department's development and management.
• Oversee the activation of the business continuity management program and disaster recovery plans.
• Advises and supports the Senior management of SRF to implement the governance programs and effective risk management frameworks.
• Oversee the monitoring of external threat environment for emerging threats and advises relevant stakeholders on the appropriate courses of action.
• Ensure compliance with all applicable regulations (data protection and telecommunications legislation) are followed and assist with any regulatory inquiries.
• Ensure sure that the SRF cybersecurity strategy, policies, and other pertinent documentation are in alignment with the protection and detection risk capabilities.
• Promote cyber policy and strategy awareness within SRF management as needed.
• Maintain compliance with relevant laws and regulations by periodically reviewing cybersecurity policies, strategies, and associated documents.
• Prepares the development of cybersecurity budget and monitors financial performance versus the budget to ensure alignment.
• Manages the effective achievement of objectives by setting individual targets, developing, and motivating staff to maximize subordinate performance.
• Preparation of the annual training courses and vacations scheduling for the Department staff and obtain needed approvals.
• Communicate and coordinate with relevant departments and represent the Department in meetings inside/outside the Division.
• Perform any other related tasks assigned by the direct supervisor.

EDUCATION DEGREE :

Bachelor or Master in Cyber Security, Computer Engineering, Computer Science, Information System, Software Engineering, Computer Information System, or any other related fields.

SKILLS:

Analytical Thinking, Planning & Organizing, Communication and Coordination, Teamwork, Decision Making, Time Management, Knowledge of Policy & Procedure.

EXPERIENCE:

Minimum of 9 years work experience , 4 years of which in the same field and 3 years in supervisory level.

Qualification:

• Professional certification such as: GRCP or CGRC or CRMA is preferred.
• Preferred to be certified as an Information Systems Security Professional (CISSP).