15 Security Manager jobs in Jeddah

Portfolio Account manager security – Civil development page is loaded **Portfolio Account manager security – Civil development***Portfolio Account manager security – Civil development**remote typeHybrid locationsRiyadh time typeFull time posted onPosted 24 Days Ago job requisition idR Location: Riyadh, Saudi ArabiaIn fast changing markets, customers worldwide rely on Thales. Thales is a business where brilliant people from all over the world come together to share ideas and inspire each other. In aerospace, transportation, defence, security and space, our architects design innovative solutions that make our tomorrow's possible.We have been present in Saudi Arabia for 40 years and with over 600 employees to date, we are growing rapidly. Together we are delivering our signalling, control and train protection systems for the North –South Railway (NSR), the longest system of it’s kind in the world. Together we are key suppliers of In-flight entertainment and connectivity systems as well as air traffic management solutions in Saudi. We are making Saudi Arabia a safer place by securing the country’s critical infrastructure and e-security solutions that secure the country’s electronic payment systems. Thales has been selected to supply major electronic systems for air defence and the Group also supplied communication and optronic systems for the Army, the Saudi Arabia National Guards and the Air Force.MISSIONS & RESPONSIBILITIES Build the Account Plan in order to define the account strategy and align the plan with the customer and the internal stakeholders by: -Understanding the customer's stakes, expectations and vision and how Thales offers can support the customer's business -Monitoring the performance of Thales’ competitors with the customer -Identifying and Defining Strategic Initiatives, in collaboration with the customer, to generate growth beyond business as usual and contributing to build and strengthen a customer relationship based on partnership -Working closely with the Account Marketing for support on actions plans (growth opportunities, engagement plan, must-wins, market segment content) Orchestrate and network with all internal and external stakeholders by: -Sharing general interest information on the customer (i.e. Customer strategy and structure, customer needs, budgets) and represent the Customer internally -Orchestrating, aligning and managing the account team (on subjects such as tendering, project execution, technology portfolio, customer satisfaction…) and supporting the sales teams in all actions required to close Order Intake -Sharing the Account Plan and facilitating the execution of the related action plan with countries and GBUs involved. The Account Manager takes part in the enhancement and update of Group CRM data -Informing the account team and account steering committee of customer satisfaction issues and supporting the development of customer satisfaction measuring in the account Act as “One face to the customer” on behalf of Thales by: -Maximizing customer satisfaction -Setting actions together with the customer to develop trust and loyalty between both organizations -Developing Group Order Intake in the short and medium term by managing Customer intimacy -Driving and secururing strategic Initiatives as defined in the Account Plan DECISIONS OWNED / KEY DELIVERABLES -Engage all actions required to execute the Account plan -Define Customer governance, as part of the Account Plan (“who meets who and when”) -Deliver an aligned and reviewed Account Plan (at least twice a year) -Perform the Opportunity presentations (“Gate 0: Early Opportunity Review”) -Deliver Order Intake forecast KEY INTERACTIONS -The Account Team: BL Sales Manager, Project Teams, Capture teams, Service teams, Account Marketing Manager -Local Head of Account management -Heads of GBUs, GBU VP Sales, BL Sales director -Account Executive Sponsor -Segment Marketing -Digital -Communications -Any other member of the Thales organization and leadership as required (Finance, Legal, Quality, Program, Bid…) SKILLS & EXPERIENCE REQUIRED -Extensive exposure to the customer industry -Capable of driving results across virtual teams and able to represent Thales Group as a whole -Entrepreneur mindset with a true sense of initiative, curiosity and autonomy -Acts naturally as a team builder and is a good communicator -Ability to convince, persuade and negotiate, both internally & externally KPIs -Group OI and GMOI for the Fiscal Year with yearly OI growth ≥ 3% for Key Accounts and ≥ 5% for Strategic Accounts (will account for 40% of variable income) -3 year average Group OI and GMOI (will account for 20% of variable income) -Customer satisfaction rating percentage increase (will account for 40% of variable income)At Thales we provide CAREERS and not only jobs. With Thales employing 80,000 employees in 68 countries our mobility policy enables thousands of employees each year to develop their careers at home and abroad, in their existing areas of expertise or by branching out into new fields. Together we believe that embracing flexibility is a smarter way of working. Great journeys start here, apply now! #J-18808-Ljbffr

Overview

Be a part of a well-established financial services organisation in Jeddah. Handle all matters related to information security architecture and engineering.

The Successful Applicant

The Senior Manager - Information Security will be / have :

• A Bachelor's or Master's degree in Information Technology, Computer Science or other relevant fields of study
• 6+ years of experience in Information Security, ideally within the Banking / Financial Services sector
• Expertise in information security architecture and engineering
• Strong understanding of Information Security frameworks such as ISO2700
• Relevant certifications such as CISSP, CISM, CCISO, etc. would be preferred
• Excellent knowledge of Saudi regulatory requirements (SAMA, NCA, etc.)
• Track record in designing secure systems and leading cyber security initiatives
• Strong project management skills

Responsibilities

• Support the CISO in developing and executing the information security strategy and roadmap
• Contribute to long term planning and act as a key advisor on technical risks
• Serve as acting CISO as and when required
• Evaluate and recommend security technologies, tools and methodology ensure the organisation complies with SAMA cybersecurity framework and NCA
• Lead technical input for audits and regularities reviews
• Oversee security monitoring, threat and vulnerability management activities
• Lead incident response efforts
• Collaborate with IT, compliance, audit and other business unit
• Report Information Security KPIs and metrics to executive management
• Represent the Information Security function internally and externally as require

What's on Offer

The salary for the Senior Manager - Information Security role will be based on experience.

Contact

Aniket Deo

Quote job ref

JN-

#J-18808-Ljbffr

Join to apply for the Engineering Manager - Ubuntu Security role at Canonical

1 week ago Be among the first 25 applicants

Join to apply for the Engineering Manager - Ubuntu Security role at Canonical

Get AI-powered advice on this job and more exclusive features.

As the most widely used Linux distribution, Ubuntu underpins the security of the entire internet. The role of Security Engineering Manager directly impacts the safety and security of millions of users worldwide. Join a team of security experts dedicated to protecting the open-source ecosystem and driving innovation. Your leadership will be instrumental in addressing emerging threats, developing robust security measures, and ensuring the continued integrity of Ubuntu. This is an opportunity to make a tangible difference and leave a lasting legacy on the digital landscape. The security engineering team's first responsibility is to respond to emerging threats and aim to secure the open source ecosystem for community and enterprise use. Your work will improve the security of millions of people, by addressing potential CVEs and vulnerabilities alongside the lifecycle of Canonical products such as Ubuntu. You will engage directly with our community and customers, as well as coordinating efforts across multiple engineering teams and projects to make this happen.

An Engineering Manager is responsible for line management and career guidance. The ability to develop engineering talent, to represent your team and product from a technical perspective, and to drive collaboration with other teams and customers are all critical to success in this role.

What you will do in this role

• Lead and develop a team of engineers, ranging from graduate to senior
• Provide technical guidance on vulnerability remediation
• Drive the development of new security engineering projects
• Work with upstream open source projects on vulnerability lifecycle handling
• Coach, mentor, and offer career development feedback
• Identify and measure team health indicators
• Implement disciplined engineering processes
• Represent your team and product to stakeholders, partners, and customers
• Develop and evangelise great engineering and organisational practices
• Plan and manage progress on agreed goals and projects
• Be an active part of the security engineering leadership team, collaborating with other leaders
  
  

What we are looking for in you

• An exceptional academic track record from both high school and university
• Undergraduate degree in Computer Science or STEM, or a compelling narrative about your alternative path
• Drive, and a track record of going above-and-beyond expectations
• Excellent verbal and written communication skills in English
• A love of developing and growing people and a track record of it
• Organised and able to ensure your team delivers timely, high quality results
• Professional manner interacting with colleagues, partners, and community
• Solid background in software development, including expertise in support and maintenance
• Mastery in any programming language (Go, Java, C, Python, .)
• Knowledgeable and passionate about software and application security
• Solid experience working in an agile development environment
• A demonstrated drive for continual learning
• Builds trust, relationships and confidence
• Result-oriented, with a personal drive to meet commitments
• Ability to travel twice a year, for company events up to two weeks each
  
  

Optional things we value

• Strong technical understanding of the inner-workings of Linux distributions (ideally Ubuntu or Debian)
  
  

What we offer you

We consider geographical location, experience, and performance in shaping compensation worldwide. We revisit compensation annually (and more often for graduates and associates) to ensure we recognise outstanding performance. In addition to base pay, we offer a performance-driven annual bonus. We provide all team members with additional benefits, which reflect our values and ideals. We balance our programs to meet local needs and ensure fairness globally.

• Distributed work environment with twice-yearly team sprints in person
• Personal learning and development budget of USD 2,000 per year
• Annual compensation review
• Recognition rewards
• Annual holiday leave
• Maternity and paternity leave
• Employee Assistance Programme
• Opportunity to travel to new locations to meet colleagues
• Priority Pass, and travel upgrades for long haul company events
  
  

About Canonical

Canonical is a pioneering tech firm at the forefront of the global move to open source. As the company that publishes Ubuntu, one of the most important open source projects and the platform for AI, IoT and the cloud, we are changing the world on a daily basis. We recruit on a global basis and set a very high standard for people joining the company. We expect excellence - in order to succeed, we need to be the best at what we do. Canonical has been a remote-first company since its inception in 2004. Working here is a step into the future, and will challenge you to think differently, work smarter, learn new skills, and raise your game.

Canonical is an equal opportunity employer

We are proud to foster a workplace free from discrimination. Diversity of experience, perspectives, and background create a better work environment and better products. Whatever your identity, we will give your application fair consideration.

Seniority level

• Seniority level Mid-Senior level

Employment type

• Employment type Full-time

Job function

• Job function Engineering and Information Technology
• Industries Software Development

Referrals increase your chances of interviewing at Canonical by 2x

Get notified about new Engineering Manager jobs in Jiddah, Makkah, Saudi Arabia .

Engineering Manager - Solutions Engineering Software Engineering Manager - Sustaining Engineering Technical Manager - Automotive and Industrial Engineering Manager - Public Cloud, Python, Golang Software Engineering Manager - Desktop and Embedded Linux Optimisation Engineering Manager - Build and Release Infrastructure Engineering Manager - Build and Release Infrastructure Software Engineering Manager, Ubuntu Gaming Systems Integrations Engineering Manager Linux Engineering Manager - Optimisation for Latest Hardware Software Engineering Manager - Container and Virtualisation Infrastructure Engineering Manager for IAM (Identity and Access Management) Software Platform Engineering Manager - Ubuntu for Next-Gen Silicon Software Engineering Manager - Ubuntu Linux Kernel Salesforce Engineering Manager, Commercial Systems Embedded Linux Field Engineering Manager Engineering Manager - Security Standards and Hardening

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

#J-18808-Ljbffr

Join to apply for the Engineering Manager - Ubuntu Security role at Canonical

1 week ago Be among the first 25 applicants

Join to apply for the Engineering Manager - Ubuntu Security role at Canonical

Get AI-powered advice on this job and more exclusive features.

As the most widely used Linux distribution, Ubuntu underpins the security of the entire internet. The role of Security Engineering Manager directly impacts the safety and security of millions of users worldwide. Join a team of security experts dedicated to protecting the open-source ecosystem and driving innovation. Your leadership will be instrumental in addressing emerging threats, developing robust security measures, and ensuring the continued integrity of Ubuntu. This is an opportunity to make a tangible difference and leave a lasting legacy on the digital landscape. The security engineering team's first responsibility is to respond to emerging threats and aim to secure the open source ecosystem for community and enterprise use. Your work will improve the security of millions of people, by addressing potential CVEs and vulnerabilities alongside the lifecycle of Canonical products such as Ubuntu. You will engage directly with our community and customers, as well as coordinating efforts across multiple engineering teams and projects to make this happen.

An Engineering Manager is responsible for line management and career guidance. The ability to develop engineering talent, to represent your team and product from a technical perspective, and to drive collaboration with other teams and customers are all critical to success in this role.

What you will do in this role

• Lead and develop a team of engineers, ranging from graduate to senior
• Provide technical guidance on vulnerability remediation
• Drive the development of new security engineering projects
• Work with upstream open source projects on vulnerability lifecycle handling
• Coach, mentor, and offer career development feedback
• Identify and measure team health indicators
• Implement disciplined engineering processes
• Represent your team and product to stakeholders, partners, and customers
• Develop and evangelise great engineering and organisational practices
• Plan and manage progress on agreed goals and projects
• Be an active part of the security engineering leadership team, collaborating with other leaders
  
  

What we are looking for in you

• An exceptional academic track record from both high school and university
• Undergraduate degree in Computer Science or STEM, or a compelling narrative about your alternative path
• Drive, and a track record of going above-and-beyond expectations
• Excellent verbal and written communication skills in English
• A love of developing and growing people and a track record of it
• Organised and able to ensure your team delivers timely, high quality results
• Professional manner interacting with colleagues, partners, and community
• Solid background in software development, including expertise in support and maintenance
• Mastery in any programming language (Go, Java, C, Python, )
• Knowledgeable and passionate about software and application security
• Solid experience working in an agile development environment
• A demonstrated drive for continual learning
• Builds trust, relationships and confidence
• Result-oriented, with a personal drive to meet commitments
• Ability to travel twice a year, for company events up to two weeks each
  
  

Optional things we value

• Strong technical understanding of the inner-workings of Linux distributions (ideally Ubuntu or Debian)
  
  

What we offer you

We consider geographical location, experience, and performance in shaping compensation worldwide. We revisit compensation annually (and more often for graduates and associates) to ensure we recognise outstanding performance. In addition to base pay, we offer a performance-driven annual bonus. We provide all team members with additional benefits, which reflect our values and ideals. We balance our programs to meet local needs and ensure fairness globally.

• Distributed work environment with twice-yearly team sprints in person
• Personal learning and development budget of USD 2,000 per year
• Annual compensation review
• Recognition rewards
• Annual holiday leave
• Maternity and paternity leave
• Employee Assistance Programme
• Opportunity to travel to new locations to meet colleagues
• Priority Pass, and travel upgrades for long haul company events
  
  

About Canonical

Canonical is a pioneering tech firm at the forefront of the global move to open source. As the company that publishes Ubuntu, one of the most important open source projects and the platform for AI, IoT and the cloud, we are changing the world on a daily basis. We recruit on a global basis and set a very high standard for people joining the company. We expect excellence - in order to succeed, we need to be the best at what we do. Canonical has been a remote-first company since its inception in 2004. Working here is a step into the future, and will challenge you to think differently, work smarter, learn new skills, and raise your game.

Canonical is an equal opportunity employer

We are proud to foster a workplace free from discrimination. Diversity of experience, perspectives, and background create a better work environment and better products. Whatever your identity, we will give your application fair consideration.

Seniority level

• Seniority level Mid-Senior level

Employment type

• Employment type Full-time

Job function

• Job function Engineering and Information Technology
• Industries Software Development

Referrals increase your chances of interviewing at Canonical by 2x

Get notified about new Engineering Manager jobs in Jiddah, Makkah, Saudi Arabia .

Engineering Manager - Solutions Engineering Software Engineering Manager - Sustaining Engineering Technical Manager - Automotive and Industrial Engineering Manager - Public Cloud, Python, Golang Software Engineering Manager - Desktop and Embedded Linux Optimisation Engineering Manager - Build and Release Infrastructure Engineering Manager - Build and Release Infrastructure Software Engineering Manager, Ubuntu Gaming Systems Integrations Engineering Manager Linux Engineering Manager - Optimisation for Latest Hardware Software Engineering Manager - Container and Virtualisation Infrastructure Engineering Manager for IAM (Identity and Access Management) Software Platform Engineering Manager - Ubuntu for Next-Gen Silicon Software Engineering Manager - Ubuntu Linux Kernel Salesforce Engineering Manager, Commercial Systems Embedded Linux Field Engineering Manager Engineering Manager - Security Standards and Hardening

We're unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

The Risk Management Manager is pivotal in safeguarding the organization’s assets and ensuring compliance with industry regulations. This role encompasses the identification, assessment, and mitigation of risks that could adversely affect the organization’s operations, reputation, or financial health. The manager will develop comprehensive risk management policies and procedures, conduct thorough risk assessments, monitor compliance, and provide strategic guidance to senior management. The objective is to ensure that risks are effectively controlled and aligned with organizational goals, industry standards, and regulatory requirements.

Responsibilities:

1. Oversee the procurement of insurance and develop risk management and compliance policies and procedures while managing claims and litigation processes.
2. Identify, analyze, and evaluate a wide range of potential risks, including operational, financial, strategic, compliance, and reputational risks.
3. Conduct regular risk assessments across various departments and projects to identify vulnerabilities.
4. Design and implement risk mitigation strategies, ensuring that appropriate actions are taken to minimize exposures.
5. Monitor and report on risk exposures and trends to senior leadership, providing insights for decision-making.
6. Evaluate and recommend insurance policies, including Property, Casualty, General Liability, and Workers’ Compensation, to ensure adequate coverage.
7. Collaborate with internal departments such as finance, operations, HR, safety, and legal to integrate risk management practices into daily operations.
8. Ensure compliance with relevant local and international regulations, including ISO 31000 and the COSO ERM Framework.
9. Facilitate risk management training sessions and workshops to foster a culture of risk awareness throughout the organization.
10. Educate and train staff on risk management practices and the importance of risk awareness in their roles.
11. Act as a liaison with external auditors and regulatory bodies to ensure compliance with risk management standards.
12. Support business continuity planning and crisis management initiatives to prepare for unforeseen events.
13. Review contracts and agreements to identify potential risks and liabilities associated with business operations.
14. Engage with external stakeholders, including insurers, auditors, and regulatory bodies, to maintain effective risk management practices.

Preferred Candidate:

1. Proven experience in risk management within the manufacturing sector.
2. Strong analytical and problem-solving skills.
3. Excellent communication and interpersonal skills.
4. Ability to work collaboratively in a team environment.
5. Detail-oriented with a focus on compliance and regulatory requirements.
6. Proficiency in risk management software and tools.
7. Strong leadership abilities to guide teams through risk management initiatives.
8. Ability to adapt to changing environments and emerging risks.
9. Commitment to continuous professional development in risk management practices.
10. Strong ethical standards and integrity in managing sensitive information.

Skills

• In-depth knowledge of risk management frameworks and methodologies.
• Experience with risk assessment tools and techniques.
• Strong understanding of manufacturing processes and operational risks.
• Excellent report writing and presentation skills.
• Proficient in data analysis and risk modeling.
• Familiarity with regulatory compliance standards in the manufacturing industry.
• Ability to lead training sessions and workshops on risk management.
• Strong negotiation skills for dealing with external stakeholders.

#J-18808-Ljbffr

The Risk Management Manager is responsible for leading the identification, assessment, monitoring, and mitigation of risks across the organization in alignment with the company’s Enterprise Risk Management (ERM) framework. The role ensures compliance with laws, regulations, and governance requirements of a publicly listed entity in Saudi Arabia, including Capital Market Authority (CMA) guidelines and Tadawul listing rules. It plays a critical part in preparing accurate and transparent risk disclosures for the annual Board of Directors report, in line with best practice corporate governance standards.

Responsibilities

• Lead the implementation, maintenance, and continuous improvement of the organization’s ERM framework, policies, and procedures.
• Embed risk management practices into strategic planning, operational execution, and decision-making across all business units.
• Conduct periodic reviews of the ERM framework to align with regulatory changes and industry best practices.
• Coordinate enterprise-wide risk identification workshops and assessments with business and functional leaders.
• Maintain a comprehensive risk register covering financial, operational, strategic, compliance, reputational, ESG, and cyber risks.
• Assess risks based on likelihood, impact, and velocity, prioritizing in line with risk appetite and tolerance levels.
• Partner with functions to develop and implement mitigation strategies, controls, and contingency plans.
• Monitor key risk indicators (KRIs) and escalate emerging risks to senior management and the Board Risk Committee.
• Conduct follow-up reviews to ensure mitigation actions are implemented effectively and on time.
• Ensure risk practices comply with CMA, Tadawul listing rules, and Saudi Corporate Governance Regulations.
• Support audits related to risk management and coordinate alignment with compliance and internal audit teams.
• Prepare regular risk reports for senior management and the Board Risk Committee.
• Lead preparation of the risk section of the Annual Board Report, ensuring compliance with disclosure requirements.
• Oversee the Business Continuity Plan (BCP) and Crisis Management Framework, including testing and maintenance.
• Coordinate crisis responses to minimize operational and reputational impacts.
• Deliver risk awareness training and workshops to promote a risk-aware culture.
• Build strong relationships with regulators, external advisors, and stakeholders while staying ahead of emerging risk trends.
• Represent the company in external forums on risk management and governance.

Qualifications

• Bachelor’s degree in Finance, Accounting, Economics, Business Administration, or a related field.
• Professional certifications preferred: CFA, FRM, CRM, CPA, or equivalent.
• 7–10 years of experience in risk management, internal audit, or financial control, preferably in a publicly listed company or regulated industry.
• Strong knowledge of CMA guidelines, Tadawul listing rules, and Saudi Corporate Governance Regulations.
• Expertise in Enterprise Risk Management (ERM) frameworks and risk assessment methodologies.
• Strong analytical and problem-solving skills with the ability to assess and prioritize risks.
• Proficiency in developing risk registers, KRIs, dashboards, and reports.
• Experience in business continuity planning and crisis management frameworks.
• Strong stakeholder management and relationship-building skills.
• Excellent presentation, reporting, and communication skills for Board and executive audiences.
• High level of integrity, discretion, and professionalism in managing sensitive information.
• Bilingual proficiency in Arabic and English (written and spoken).

#J-18808-Ljbffr

Sr. Manager - Information Security Engineer

Job Purpose: Manage and maintain internal and external bank systems security. Promote the adherence to the information system security policies, procedures & guidelines. Promote system security education for internal or external parties. Present system security status across the organization periodically. Maintain internal and external regulatory requirements. Maintain physical security requirements. Ensure cybersecurity controls and defense measures are effectively implemented.

Responsibilities

Security Defense and Engineering

• Develop and implement a comprehensive cybersecurity systems and structure aligned with organizational goals, group architecture and SAMA requirements.
• Analyze security requirements and develop data and system protection strategies.
• Review the implementation of security controls (firewalls, encryption, identity management, endpoint security, mail security, etc.) to meet required effectiveness.
• Evaluate new technologies for security risks and benefits and make recommendations.
• Analyze security risks, impacts, and mitigation options to support risk management and business decisions.
• Provide effective security solutions for bank systems.
• Maintain confidential and sensitive information register.
• Develop and manage security programs such as identity and access management, encryption, anomaly detection, and cyber incident response.
• Research and evaluate emerging security technologies.
• Provide guidance to other IT personnel on security best practices.
• Identify security threats and vulnerabilities in existing IT systems and recommend appropriate mitigation strategies.

Threat Management and Incident Response

• Support information system security initiatives based on security assessments.
• Support mitigation plans for technology vulnerabilities and build a layered security approach (Network, OS, Application, Database).
• Proactively hunt for indicators of compromise, anomalous behavior, and potential threats.
• Identify, analyze, and mitigate cyber threats; conduct proactive threat research.
• Analyze detected threats using threat intelligence, malware analysis, and other techniques.
• Research new and emerging threats through open-source intelligence, dark web monitoring, and security communities.
• Develop and implement intelligence-driven detection and prevention controls.
• Continuously refine threat detection systems and processes.
• Conduct penetration testing to identify vulnerabilities and weaknesses.
• Assess security control effectiveness and recommend improvements.
• Conduct forensic investigations of cybersecurity incidents (data breaches, malware, phishing).
• Respond to incidents by isolating impacted systems, reimaging, disabling credentials, and removing malware.
• Develop and execute incident response plans, processes, and workflows.
• Support the Security Incident Response Team.
• Maintain chain of custody and adhere to forensics best practices.

Security Operations and Monitoring

• Supervise information systems security projects and services.
• Monitor system performance and ensure security policy compliance.
• Monitor security systems for threats, policy violations, and anomalies.
• Investigate and respond to security alerts and incidents.
• Coordinate with the Security Operations Center (SOC).
• Track patch management effectiveness.
• Measure cybersecurity KPIs.
• Monitor and analyze endpoint activity for threats, malware, and data breaches.

Cybersecurity Governance

• Develop and implement an information security governance framework to manage cybersecurity risks for the organization. This includes policies, standards, and procedures.
• Ensure compliance with relevant information security laws, industry standards, and best practices.
• Monitor system performance and ensure compliance with security policies.
• Manage the organization's security policies and assist in enforcing security protocols.

Cybersecurity Compliance

• Develop and implement a cybersecurity compliance program that ensures compliance with relevant laws, regulations, and industry standards including SAMA CSF, PCI DSS, ISO 27001, CMA CSF and other compliance mandates from SAMA.
• Lead the system-wide information security compliance program, ensuring IT activities, the banks projects processes, and procedures meet defined requirements, policies, and regulations.
• Develop and implement effective and reasonable policies and practices to secure protected and sensitive data and ensure information security and compliance with relevant legislation and legal interpretation.
• Execute strategy for dealing with increasing number of audits, compliance checks and external assessment processes for internal/external auditors.

Cybersecurity Risk Management

• Identify risks on data protection.
• Cybersecurity Matrix, Risk Register, Appetite & Reporting.
• Participate in understanding the enterprise objectives and translate them in defining annual Information Security strategy, roadmap and objectives recommendations.
• Establishing and maintaining Information Security KPI and metrics, risk register and risk appetite.
• Maintaining overall security remediation plans and managing Information Security exceptions.
• Participate in the control effectiveness review of processes.
• Responsible for identifying compliance risks and to recommends, implements, and maintains technical and procedural controls to provide regulatory compliance in the most reasonable and cost-effective manner.
• Research and evaluate emerging security technologies.
• Stay updated on latest threats via information security forums/bulletins.
• Develop and maintain cybersecurity policies and procedures.
• Identify vulnerabilities in existing systems and recommend mitigation strategies.
• Perform security assessments and audits to identify gaps and improvement opportunities.
• Develop recommendations to strengthen defenses, mitigate risks, and ensure compliance.
• Automate security tasks and workflows.
• Maintain documentation of security configurations, policies, and processes.
• Test and evaluate new endpoint security technologies.
• Maintain SARIE system security.

Knowledge and Understanding:

• Cybersecurity principles and best practices (threat modeling, risk assessment, security controls, frameworks like SAMA CSF NIST, ISO, CIS).
• Regulatory compliance requirements (PDPL,GDPR, , PCI-DSS).
• Emerging technologies (blockchain, AI, machine learning) and their security implications. (preferable)
• Network protocols, operating systems, and databases.
• Security incident response processes and procedures.

Communication and Interpersonal Skills:

• Working effectively with cross-functional teams, stakeholders, and clients.

Qualification & Experience:

• Bachelor degree in information technology or equivalent.
• 8 – 10 years total system security banking experience
• One or more of the following qualifications are desirable:
• Certified Information Systems Security Professional (CISSP),
• Certified Information Security Manager (CISM),
• ISO27001 Lead implementer auditor
• Certified Ethical Hacker (CEH)
• GIAC Certified Forensic Examiner (GCFE)
• GIAC Certified Incident Handler (GCIH)
• Offensive Security Certified Professional (OSCP)

Skills

Technical Skills:

• Knowledge of secure systems, networks, and applications (firewalls, IDS/IPS, access control, encryption, authentication).
• Using security technologies and tools (vulnerability scanners, penetration testing tools, SIEM, endpoint).
• Designing and implementing secure cloud architectures ( Oracle, AWS, Azure,).
• Implementing security controls for DevOps processes (CI/CD, containerization, automation).
• Developing and implementing security policies, procedures, and standards.
• Conducting security audits and assessments.
• Knowledge of security assessments and penetration testing of network, systems and databases.
• Developing and testing incident response plans.
• Providing security training and awareness programs.

Analytical/Problem-Solving Skills:

• Identifying and mitigating security risks and vulnerabilities.

Project Management Skills:

• Managing multiple projects and priorities simultaneously.

Seniority level

• Mid-Senior level

Employment type

• Full-time

Job function

• Management, Engineering, and Project Management

Industries

• Financial Services and Insurance

#J-18808-Ljbffr

Location : Dammam

Education: Bachelor’s degree in Information Technology, IT Security, Computer Information Systems, or equivalent

Experience: Minimum 3–5 years of solid experience in Risk Management, Technology Risk, Information Security, or IT

Monthly Salary Package : 10,000 – 25,000 SAR (Max)

Qualifications :

• Information Assurance Certifications preferred : CISSP, CISA, Security+, GSEC, CRISC, or equivalent
• Strong verbal and written communication skills (English & Arabic)
• Excellent knowledge of Microsoft Office (Word, Excel, PowerPoint), internet, and email
• Solid knowledge of automated reporting systems & project management
• Experience with Key Risk Indicators (KRIs) and Technology Risk reporting preferred
• Ability to interpret regulations and communicate effectively across all levels
• Strong presentation and teamwork skills
• Results-driven and detail-oriented

Language Requirements : English & Arabic

Responsibilities

• Conduct IT systems reviews to identify and assess risks with remediation recommendations
• Provide assurance of effectiveness and efficiency of IT control environments across all IT domains and business areas
• Monitor and follow up on threat indicators, exploits, and vulnerabilities for timely remediation
• Support incident response and provide consolidated IT risk progress reports to management
• Prepare consolidated IT risk reports and dashboards for Technology Risk & Committees
• Document and maintain IT risk reports, SOPs, and departmental outputs
• Identify top critical IT risks and recommend frameworks to capture and govern risks
• Review and recommend improvements for IT risk measurement techniques (e.g., RCSAs)
• Act as focal point with ERM, IT Governance & Compliance, Information Security, and IT for risk reporting & remediation
• Participate in IT and digital risk tools / systems implementation with project teams and digital transformation division

Work Pattern : In person

Interview : Remote

#J-18808-Ljbffr

Join to apply for the Security Risk Management Specialist role at Canonical .

In security risk management we're looking to harness the power of industry best practice combined with driving new innovation on how we do security risk assessments and modelling. Our security risk management team is the primary owner of the strategy and practices of how we identify, track and reduce our security risk across everything we do. To support this we use industry best practices paired with emerging threat information to promote risk identification, quantification, impact analysis, and modelling to drive decision making. In this role you will help establish and execute a broad strategic vision for the security risk program at Canonical. You will work within the team and cross-functionally with various teams across the organisation. The team contributes ideas and requirements for Canonical product security, improving the resilience and robustness of all Ubuntu customers and users subject to cyber attacks. The team collaborates with our Organisational Learning and Development team to develop playbooks and security training across Canonical.

The security risk management team's mission is not only to secure Canonical, but also to contribute to the security of the wider open source ecosystem. They may share knowledge through public presentations and industry events, and share threat intelligence with the wider community or represent Canonical in sector-specific governance bodies.

What you will do in this role

• Define Canonical's security risk management standards and playbooks
• Analyse and improve Canonical's security risk practices
• Evaluate, select and implement new security requirements, tools and practices
• Grow the presence and thought leadership of Canonical security risk management practice
• Develop Canonical security risk learning and development materials
• Work with Security leadership to present information and influence change
• Participate in developing key risk indicators, provide inputs to the development of key control indicators, and key performance indicators for various programs
• Apply statistical models to risk frameworks (such as FAIR, sensitivity analysis, and others)
• Participate in risk management, decision-making, and collaborative discussions
• Lead quantified risk assessments and understand the value of qualitative data for improvements to quality and engineering processes
• Interpret internal or external cyber security risk analyses in business terms and recommend a responsible course of action
• Develop templates and materials to help with self-service risk management actions
• Monitor and identify opportunities to improve the effectiveness of risk management processes
• Launch campaigns to perform security assessments and help mitigate security risks across the company
• Build evaluation methods and performance indicators to measure efficiency of security functions and capabilities

What we are looking for

• An exceptional academic track record
• Undergraduate degree in Computer Science or STEM, or a compelling narrative about your alternative path
• Drive and a track record of going above-and-beyond expectations
• Deep personal motivation to be at the forefront of technology security
• Leadership and management ability
• Excellent business English writing and presentation skills
• Problem-solver with excellent communication skills, a deep technical understanding of security assessments and risk management
• Expertise in threat modelling and risk management frameworks
• Broad knowledge of how to operationalize the management of security risk
• Experience in Secure Development Lifecycle and Security by Design methodology

What we offer you

• Distributed work environment with twice-yearly team sprints in person
• Personal learning and development budget of USD 2,000 per year
• Annual compensation review
• Recognition rewards
• Annual holiday leave
• Maternity and paternity leave
• Employee Assistance Programme
• Opportunity to travel to new locations to meet colleagues
• Priority Pass, and travel upgrades for long haul company events

About Canonical

Canonical is a pioneering tech firm at the forefront of the global move to open source. As the company that publishes Ubuntu, one of the most important open source projects and the platform for AI, IoT and the cloud, we are changing the world. Canonical has been a remote-first company since its inception in 2004. Working here challenges you to think differently, work smarter, learn new skills, and raise your game. Canonical is an equal opportunity employer.

We recruit on a global basis and set a very high standard for people joining the company. We expect excellence. Whatever your identity, we will give your application fair consideration.

Seniority level

• Entry level

Employment type

• Full-time

Job function

• Finance and Sales

Industries

• Software Development