Cyber Security Manager - Banking - KSA Nationals

Information Security Manager will be responsible for developing, implementing, and maintaining the branch's information security strategy and cybersecurity framework. The role focuses on safeguarding the bank's systems, infrastructure, and data while ensuring compliance with regulatory requirements, including the SAMA Cybersecurity Framework.

The successful candidate will oversee cybersecurity risk management, security operations, incident response, and regulatory engagement while collaborating with internal stakeholders and external vendors to maintain a secure technology environment aligned with business objectives.

• Develop and implement the branch's information security policies, standards, and procedures.
• Establish and maintain an effective information security governance framework aligned with business objectives.
• Conduct periodic reviews and updates of security policies to address evolving threats and regulatory changes.

• Ensure compliance with the SAMA Cybersecurity Framework and other applicable regulatory requirements.
• Serve as the primary point of contact for regulators, auditors, and external security assessments.
• Prepare security reports and documentation required for regulatory submissions and audits.

• Identify, assess, and mitigate cybersecurity risks across systems, applications, and infrastructure.
• Conduct regular security risk assessments, vulnerability assessments, and penetration testing.
• Maintain the information security risk register and ensure timely remediation of identified risks.

• Oversee security operations including monitoring, detection, and response to cyber threats.
• Manage security technologies including firewalls, intrusion detection and prevention systems (IDS/IPS), endpoint protection, encryption tools, and vulnerability management solutions.
• Monitor network and system activity to detect unauthorized access or suspicious behavior.

• Ensure appropriate security controls are implemented for critical banking systems such as SARIE and TANFEETH
  .
• Work closely with IT and business teams to ensure secure system integration and data protection.

• Develop and maintain incident response plans to effectively manage cybersecurity incidents.
• Lead investigations into security incidents, identify root causes, and implement corrective measures.
• Conduct cybersecurity drills and simulations to test incident readiness and response capabilities.

• Manage relationships with security vendors and service providers.
• Oversee procurement, maintenance, and lifecycle management of cybersecurity tools and solutions.
• Support budget planning and allocation for information security initiatives.

• Develop and deliver cybersecurity awareness programs for employees.
• Promote a culture of information security across the organization.
• Ensure staff understand and follow security policies and best practices.

• Bachelor's or Master's degree in Cybersecurity, Information Technology, Computer Science, or a related discipline.
• Minimum 8 years of experience in information security, cybersecurity, or IT risk management
  .
• Experience with in banking or financial services environments is highly desirable
  .
• Professional certifications such as CISSP, CISM, CISA, or CEH are strongly preferred.

• Strong knowledge of the SAMA Cybersecurity Framework and Saudi regulatory requirements.
• Experience securing SARIE and TANFEETH payment systems
  .
• Proven experience managing cybersecurity incidents and regulatory audits.