×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Information Security

Chief Information Security Officer - Cloud Security

Job in Riyadh, Riyadh Region, Saudi Arabia
Listing for: ByteDance
Full Time position
Listed on 2026-01-11
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security
Salary/Wage Range or Industry Benchmark: 400000 - 600000 SAR Yearly SAR 400000.00 600000.00 YEAR
Job Description & How to Apply Below

Chief Information Security Officer - Cloud Security - Saudi Arabia

The Cloud Security team is responsible for the security assurance of Byte Dance enterprise businesses and the underlying cloud platform, covering areas such as security architecture, SDLC, vulnerability management, security incident response, and security compliance. The team aims to ensure the security and stability of the Byte Dance cloud platforms while enabling the success of the cloud business.

The Chief Information Security Officer (CISO) is responsible for the overall cybersecurity posture of the organization and for ensuring compliance with applicable cybersecurity laws, regulations, and regulatory frameworks, including the National Cybersecurity Authority (NCA) Essential Cybersecurity Controls (ECC) within the Kingdom of Saudi Arabia (KSA). The CISO will provide independent executive leadership and oversight across cybersecurity governance, risk management, and security operations.

The role requires a pragmatic, business-oriented leader with strong expertise in cybersecurity, cloud security, and modern technology environments, capable of ensuring that cybersecurity risks are identified, managed, and reported in alignment with the organization's risk appetite and regulatory expectations. You’ll collaborate closely with senior executives and shape strategic outcomes, reduce risk exposure, and drive secure innovation across complex, interconnected ecosystems.

Responsibilities
  • Cybersecurity Governance & Leadership:
    • Establish and maintain enterprise-wide cybersecurity governance in line with SAMA CSF and NCA ECC requirements.
    • Ensure clear ownership, accountability, and segregation of duties across cybersecurity functions.
    • Advise executive management on cybersecurity risks, threats, and control effectiveness.
    • Ensure cybersecurity considerations are embedded into corporate governance and enterprise risk management.
  • Cybersecurity Risk Management & Compliance:
    • Own and oversee the cybersecurity risk management framework.
    • Ensure continuous compliance with applicable regulations and industry good practices.
    • Ensure timely remediation of audit findings and regulatory observations.
    • Act as the primary point of accountability for cybersecurity matters with regulators.
  • Security Operations & Technology Oversight:
    • Oversee cybersecurity operations including monitoring, detection, vulnerability management, IAM, and incident response.
    • Ensure effective prevention, detection, response, and recovery capabilities.
  • Incident Management & Cyber Resilience:
    • Ensure effective incident response and cyber crisis management.
    • Lead executive coordination during material cybersecurity incidents.
    • Ensure alignment with business continuity and disaster recovery.
    • Oversee post-incident reviews.
  • Third-Party & Outsourcing Cybersecurity:
    • Ensure third-party cybersecurity risks are identified and managed.
    • Ensure compliance of vendors with regulatory and contractual obligations.
    • Oversee outsourced and managed security services.
  • People, Culture & Capability:
    • Establish and maintain a compliant cybersecurity operating model.
    • Develop national cybersecurity talent in alignment with Saudization.
    • Promote cybersecurity awareness and culture.
    • Ensure adequate resourcing and training.
  • Authority & Decision Rights:
    • Define cybersecurity policies and standards.
    • Escalate risks and incidents to executive management.
    • Approve or reject cybersecurity risk acceptances.
Minimum Qualifications
  • Education:

    A bachelor’s degree in computer science, computer engineering, information technology, or a related field.
  • Experience:

    5+ years of relevant experience in security strategy, cybersecurity governance, risk management, or related domains.
  • Security Frameworks Knowledge:
    Familiarity with industry standards such as OWASP, SANS CWE Top 25, ISO 27001, PCI DSS, NIST, and SAMA/NCA frameworks.
  • Proven executive leadership in cybersecurity governance, risk management, and regulatory compliance.
  • Strong experience engaging with Boards, regulators, and senior executives on cybersecurity matters.
  • Ability to translate complex cybersecurity risks into clear business and risk implications.
  • Demonstrated leadership in building high-performing…
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search