22 Threat Modeling jobs in Saudi Arabia

**Company description**
Come help us create a better everyday life for the many people. That’s the IKEA vision. We do that by offering a wide range of home furnishings with good design and function at prices so low that as many people will be able to afford them.

Do you value simplicity, cost-consciousness, a humble attitude, and willpower? Then an IKEA career may be right for you.

We strive for excellent leadership to lead business and people together. We believe people learn and develop best when they perform and deliver in the real world.

**Job description** Purpose**

Responsible for overseeing and controlling all aspects of information security in the group. The job entails planning and carrying out security measures that will protect a business’s data and information from deliberate attack, unauthorized access, corruption and theft.

**Accountabilities**
- Dealing with risks that include DoS attacks, hacking and unauthorized access to a computer systems, phishing, viruses, spyware, worms, Trojans, the abuse of permission granted to authorized system users, pharming and ransomware.
- Assessing the risks to computer systems and planning to minimize possible threats
- Upgrading existing security systems or designing new ones
- Testing security products and evaluating them
- Simulating security breaches to test procedures
- Making plans for disaster recovery in case security is breached
- Carrying out corrective actions in the event of a breach
- Looking for weak points in the system and securing them
- Ensuring that international and national network security standards are met
- Preparing technical documentation and reports for users and managers.
- Provide information security awareness training to organization personnel
- Creating and managing security strategies
- Oversee information security audits, whether by performed by organization or third-party personnel
- Evaluate department budget and costs associated with technological training
- Assess current technology architecture for vulnerabilities, weaknesses and for possible upgrades or improvement
- Implement and oversee technological upgrades, improvements and major changes to the information security environment
- Serve as a focal point of contact for the information security team and the organization and external parties
- Manage and configure physical security, disaster recovery and data backup systems
- Communicate information security goals and new programs effectively with other department managers within the organization.
- Work closely with the Head of Risk & Compliance and senior IT Services stakeholders to ensure that appropriate security guidance is provided to support project delivery;
- Designing and implementation of standards, policies, guidelines and appropriate architectural principles to ensure the firm’s cyber security goals continue to be met.
- Provide risk based direction in conjunction with IT Services for future system enhancements in line with the overall firm’s strategy
- Recognize potential opportunities for enhancing the firm’s security, ensuring mínimal impact to practitioners
- Monitoring and reporting on compliance with security and data protection policies, as well as the enforcement of policies
- Take ownership and ensure Governance, Policy and Procedures in relation to Management of Information Security meets agreed standards within the group.
- Manage information security escalations from the Security Operations Center

**Qualification**
- Bachelors or master’s degree in cyber security, software engineering, computer engineering or equivalent.

**Experience**
- 5+ years in information risk and information security management
- Familiarity with regulatory requirements related to handling information, including SOX, HIPAA, and Payment Card Industry/Data Security Standard (PCI) and data privacy regulations.
- Proficiency with firewalls, endpoint security, mobility management, and vulnerability scanning
- Broad knowledge of a wide range of Information Technology systems and a deep understanding of the inherent security risks associated with these technologies
- Strong technical abilities, combined with business understanding
- Ability to present security topics to a non-technical audience and presenting the business value of security
- A good understanding of IT networking and access management concepts
- Implement proactive and reactive controls and tools to capture the information security risks and minimize the impact
- Working knowledge of Security Architecture and potential security issues related to them PaaS, IaaS, SaaS and understanding of IAM, and Data Loss Prevention in a Microsoft Azure environment
- Knowledge of security technologies such as IDS/IPS, vulnerability testing and Firewalls

**_ Specific Designations, Certifications, Licenses_**
- CISSP (Must)
- CISA (Must)
- CRISC / SABSA (preferred)
- ISACA Certified Information Manager (Must)

Our client is a large Retail group based in Jeddah, Saudi Arabia. They have presence across the GCC.

The Senior Manager - Information Security will be responsible for:

• Managing the Information Security department
• Working closely with enterprise risk teams, senior management and the Board of Directors to achieve corporate and Information Security objectives
• Identifying and managing vendors
• Managing information security awareness training program
• Information Security GRC
• Oversight of the Data Protection & Privacy program; ensuring the organisation is compliant with various regulatory requirements such as PDPL
• Continuous review and development of Information Security strategy
• Ensuring Information Security is built into enterprise and technology architecture
• Incident response plans, disaster recovery strategies and management of Information Security risk
• Working closely with internal audit teams
• Regular reporting to senior leadership

The Senior Manager - Information Security will be/have:

• A Bachelor's degree in Computer Science, Information Technology or related fields of study
• Relevant certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or similar qualifications
• Knowledge of common information security and data privacy management frameworks and regulatory requirements such as ISO/IEC 27001, NIST, NCA, PDPL, GDPR, etc.
• 7+ years of experience in Information Security/Cybersecurity, of which at least 3 years must have been in a managerial role
• Experience in working for large organisations (Retail industry experience is preferred, but not mandatory)
• Experience with contract and vendor negotiations
• Excellent stakeholder management skills; ability to interact with, and influence, C-suite stakeholders
• Excellent written and verbal communication skills
• Based in/willing to relocate to Jeddah
• A Saudi national (strongly preferred)

#J-18808-Ljbffr

Our client is a large Retail group based in Jeddah, Saudi Arabia. They have presence across the GCC.

The Senior Manager - Information Security will be responsible for:

• Managing the Information Security department
• Working closely with enterprise risk teams, senior management and the Board of Directors to achieve corporate and Information Security objectives
• Identifying and managing vendors
• Managing information security awareness training program
• Information Security GRC
• Oversight of the Data Protection & Privacy program; ensuring the organisation is compliant with various regulatory requirements such as PDPL
• Continuous review and development of Information Security strategy
• Ensuring Information Security is built into enterprise and technology architecture
• Incident response plans, disaster recovery strategies and management of Information Security risk
• Working closely with internal audit teams
• Regular reporting to senior leadership

The Senior Manager - Information Security will be/have:

• A Bachelor's degree in Computer Science, Information Technology or related fields of study
• Relevant certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA) or similar qualifications
• Knowledge of common information security and data privacy management frameworks and regulatory requirements such as ISO/IEC 27001, NIST, NCA, PDPL, GDPR, etc.
• 7+ years of experience in Information Security/Cybersecurity, of which at least 3 years must have been in a managerial role
• Experience in working for large organisations (Retail industry experience is preferred, but not mandatory)
• Experience with contract and vendor negotiations
• Excellent stakeholder management skills; ability to interact with, and influence, C-suite stakeholders
• Excellent written and verbal communication skills
• Based in/willing to relocate to Jeddah
• A Saudi national (strongly preferred)

#J-18808-Ljbffr

Chief Information Security Officer (CISO)

This is a full-time on-site role for a Chief Information Security Officer (CISO) at Tazamun Technologies in Mecca.

Company Description:

Tazamun Technologies in Mecca is a team of experienced digital transformation consultants dedicated to helping businesses unlock their full potential through digitalization. Their services include digital strategy development, process automation, cloud adoption, data analytics, and cybersecurity solutions.

Role Description:

The CISO will be responsible for overseeing business continuity, information security management, cybersecurity, and application security to protect the company and their clients from digital threats and ensure data security.

Qualifications:

• Minimum requirement of a Master's degree.
• Experience with National Cybersecurity Authority (NCA) standards and implementation.
• Experience in Governance, Risk, and Compliance (GRC) in the context of cybersecurity.
• Must be located in or near Mecca.

In addition to the above qualifications, candidates should possess:

• Business Continuity and Information Security Management skills
• Cybersecurity and Information Security expertise
• Application Security knowledge
• Experience in developing and implementing cybersecurity strategies
• Strong understanding of industry best practices and compliance standards
• Excellent communication and problem-solving skills
• Leadership experience in information security roles
• Certifications such as CISSP, ISO 2700x, ISM, or CISA are a plus

Build Your Career With Tazamun Team

We are always looking for creative, ambitious, and committed individuals who strive for excellence. If you have the skills and experience that add real value, and are interested in working in a field that focuses on technical challenges and smart solutions, we encourage you to apply and join us.

#J-18808-Ljbffr

Chief Information Security Officer (CISO) Chief Information Security Officer (CISO)

Get AI-powered advice on this job and more exclusive features.

We are seeking a seasoned and strategic Chief Information Security Officer (CISO) to lead our cybersecurity vision, strategy, and execution. This executive role is central to driving enterprise-wide security initiatives and safeguarding both internal and client-facing environments. The successful candidate must be a Saudi national with deep expertise in regulatory compliance, enterprise risk management, and operational cybersecurity, particularly in alignment with national frameworks such as SAMA , NCA , and CITC .

Key Responsibilities

• Develop and lead the organization's overall information security strategy
• Ensure full adherence to local cybersecurity regulations, including SAMA, NCA ECC/CCC, and CITC guidelines
• Oversee the planning, execution, and continuous improvement of incident response and threat detection capabilities
• Establish and maintain cybersecurity governance, risk policies, and awareness programs
• Provide strategic cybersecurity guidance to executive leadership and the board, including risk posture assessments and security investment planning
  
  

Required Qualifications

• Saudi nationality is mandatory, in line with national employment regulations
• Bachelor's degree in Cybersecurity, Information Technology, or a related field (Master's degree preferred)
• Minimum of 10 years' experience in cybersecurity, with at least 5 years in a senior leadership capacity
• Industry-recognized certifications such as CISSP, CISM, CISA, or equivalent
• In-depth understanding of both local regulatory requirements and global standards (e.g., ISO 27001, NIST)
• Proven background in regulated industries such as finance, government, telecommunications, or critical infrastructure
• Strong leadership and team-building capabilities, with a track record of leading high-performing security teams
• Bilingual fluency in Arabic and English, with excellent communication and presentation skills
  
  

Benefits

• Competitive salary and performance-based bonuses
• Professional development opportunities and certifications
• Flexible work schedule and semi-remote work options
• Collaborative and innovative work environment

Seniority level

• Seniority level Mid-Senior level

Employment type

• Employment type Full-time

Job function

• Job function Other
• Industries IT Services and IT Consulting

Referrals increase your chances of interviewing at Obrela by 2x

Sign in to set job alerts for “Chief Information Security Officer” roles. Virtual Chief Information Security Officer (vCISO) / Compliance Officer Chief Security Officer (Indian Subcontinent)

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

#J-18808-Ljbffr

Senior Information Security GRC Specialist

Join to apply for the Senior Information Security GRC Specialist role at NTT DATA, Inc.

Senior Information Security GRC Specialist

Join to apply for the Senior Information Security GRC Specialist role at NTT DATA, Inc.

Make an impact with NTT DATA

Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion – it’s a place where you can grow, belong and thrive.

Make an impact with NTT DATA

Join a company that is pushing the boundaries of what is possible. We are renowned for our technical excellence and leading innovations, and for making a difference to our clients and society. Our workplace embraces diversity and inclusion – it’s a place where you can grow, belong and thrive.

Your day at NTT DATA

The Senior Information Security Governance, Risk and Compliance (GRC) Specialist is an advanced subject matter expert, responsible for playing a crucial part in overseeing the organization's information security program, with a focus on governance, risk management, compliance, security awareness, and policy management.

This role involves leading risk assessments, developing security policies, ensuring alignment with industry standards and regulations, and fostering a culture of security awareness among employees.

This role may be required to guidance and support to junior members of the GRC team.

Key Responsibilities:

• Leads risk assessments and gap analyses to identify vulnerabilities and recommends risk mitigation strategies.
• Develops and maintains security policies, standards, and procedures.
• Collaborates with legal and compliance teams to ensure adherence to regulatory requirements.
• Provides guidance and support to junior GRC team members.
• Assists in the creation and delivery of security awareness and training programs.
• Participates in security incident response activities as needed.
• Contributes to the continuous improvement of the information security program.
• Assists in policy management and refinement.
• Performs any other related task as required.
• Closing gabs on key findings during internal audits and evidence validation.
  
  

To thrive in this role, you need to have:

• Strong knowledge and experience with NCA regulations.
• Strong experience in Essential Cybersecurity Controls (ECC).
• Advanced understanding of information security frameworks and standards.
• Advanced proficiency in conducting risk assessments, analyzing security controls, and policy management.
• Excellent communication and interpersonal skills for collaborating with various stakeholders.
• Strong project management skills for handling security initiatives.
• Advanced familiarity with legal and compliance aspects related to information security.
  
  

Academic Qualifications and Certifications:

• Bachelor’s degree or equivalent in Information Technology or Computer Science degree or related field.
• Security certifications such as CISA, CRISC, COBIT, IIA or equivalent preferred.
• Certifications such as Lead audit/Implementer - ISO 27001, SOC TSP preferred.
  
  

Required Experience:

• Advanced experience in information security, including GRC-related roles.
• Advanced experience in leading risk assessments, compliance efforts, security awareness initiatives, and policy management.
  
  

Workplace type:

On-site Working

About NTT DATA

NTT DATA is a $30+ billion trusted global innovator of business and technology services. We serve 75% of the Fortune Global 100 and are committed to helping clients innovate, optimize and transform for long-term success. We invest over $3.6 billion each year in R&D to help organizations and society move confidently and sustainably into the digital future. As a Global Top Employer, we have diverse experts in more than 50 countries and a robust partner ecosystem of established and start-up companies. Our services include business and technology consulting, data and artificial intelligence, industry solutions, as well as the development, implementation and management of applications, infrastructure, and connectivity. We are also one of the leading providers of digital and AI infrastructure in the world. NTT DATA is part of NTT Group and headquartered in Tokyo.

Equal Opportunity Employer

NTT DATA is proud to be an Equal Opportunity Employer with a global culture that embraces diversity. We are committed to providing an environment free of unfair discrimination and harassment. We do not discriminate based on age, race, colour, gender, sexual orientation, religion, nationality, disability, pregnancy, marital status, veteran status, or any other protected category. Join our growing global team and accelerate your career with us. Apply today.

Seniority level

• Seniority level Mid-Senior level

Employment type

• Employment type Full-time

Job function

• Job function Information Technology
• Industries IT Services and IT Consulting

Referrals increase your chances of interviewing at NTT DATA, Inc. by 2x

Sign in to set job alerts for “Senior Information Security Specialist” roles. Senior Information Security Consultant – Immediate

We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.

#J-18808-Ljbffr

This pivotal role involves overseeing all aspects of information security to ensure the protection of sensitive data and systems. Responsibilities include managing risks, responding to incidents, maintaining network security, and ensuring compliance with industry standards. Strong leadership, effective communication, problem-solving abilities, and strategic thinking are essential for navigating the complexities of cybersecurity. The focus is on proactively identifying and mitigating security threats to safeguard the organization's valuable assets. Embracing a culture of ownership is crucial for establishing a secure environment and fostering a strong defense against potential cyber attacks.

Skills

The ideal candidate should have previous hands-on experience serving in the role of a Chief Information Security Officer (CISO) to effectively fulfill the requirements of this position.
Experience in risk management and implementing strategies to mitigate threats.
Proficiency in incident response procedures and protocols to swiftly address security incidents.
Knowledge of network security principles and best practices to secure organizational infrastructure.
Familiarity with compliance standards such as GDPR, HIPAA, and PCI DSS to ensure regulatory adherence.
Demonstrated leadership skills to guide and inspire a team of security professionals.
Excellent communication abilities to convey complex security concepts to non-technical stakeholders.
Strong problem-solving capabilities to analyze security issues and develop effective solutions.
Strategic thinking to anticipate future security challenges and implement proactive measures.
Demonstrates ownership mentality by taking responsibility for cybersecurity initiatives and driving a culture of accountability. #J-18808-Ljbffr

Senior Information Security Presales Engineer

Get AI-powered advice on this job and more exclusive features.

Job Summary
We are looking for a highly skilled Senior Information Security Presales Engineer to join our team. This role requires a strong technical background with hands-on experience in cybersecurity and IT infrastructure. The ideal candidate will play a key role in engaging with clients, designing solutions, and supporting the sales process with technical expertise. The role is 70% technical (solution design, POC, implementation) and 30% presales (client meetings, proposal support, presentations).

Technical Responsibilities

• Design and architect cybersecurity solutions tailored to client requirements.
• Lead technical workshops, solution demos, and proof-of-concepts (PoCs).
• Evaluate and recommend appropriate technologies based on client needs.
• Collaborate with delivery and engineering teams to ensure solution feasibility and smooth handover.
• Deep knowledge and hands-on implementation experience with SIEM, SOAR, XDR/EDR, NDR, Threat Intelligence Platforms, PAM, IAM, Database encryption, SAST/DAST, Vulnerability management, DRM, and GRC.
• Stay up to date on emerging cybersecurity technologies, threats, and compliance frameworks.
• Create detailed technical documentation, solution designs, and both high-level and low-level designs.

Presales Responsibilities

• Support sales team in meetings with technical presentations and product walkthroughs.
• Respond to RFPs, RFQs, and technical questionnaires.
• Prepare solution proposals in collaboration with account managers and technical teams.
• Build and maintain relationships with clients and vendors.
• Present solutions to stakeholders, including technical and non-technical audiences.

Qualifications

• Bachelor’s degree in computer science, Information Security, or a related field.
• Minimum 5–7 years of experience in cybersecurity and network engineering.
• Strong hands-on expertise in SIEM, SOAR, XDR/EDR, NDR, TIP, PAM, IAM, DRM, Database Encryption, SAST/DAST, Vulnerability management, and GRC tools.
• Excellent communication and presentation skills.
• Relevant certifications such as CISSP, CISM, CISA, CEH, CCSP, GIAC are preferred.

Additional Details

• Seniority level: Mid-Senior level
• Employment type: Full-time
• Job function: Analyst
• Industries: IT Services and IT Consulting

#J-18808-Ljbffr

This pivotal role involves overseeing all aspects of information security to ensure the protection of sensitive data and systems. Responsibilities include managing risks, responding to incidents, maintaining network security, and ensuring compliance with industry standards. Strong leadership, effective communication, problem-solving abilities, and strategic thinking are essential for navigating the complexities of cybersecurity. The focus is on proactively identifying and mitigating security threats to safeguard the organization's valuable assets. Embracing a culture of ownership is crucial for establishing a secure environment and fostering a strong defense against potential cyber attacks.

Skills

The ideal candidate should have previous hands-on experience serving in the role of a Chief Information Security Officer (CISO) to effectively fulfill the requirements of this position.
Experience in risk management and implementing strategies to mitigate threats.
Proficiency in incident response procedures and protocols to swiftly address security incidents.
Knowledge of network security principles and best practices to secure organizational infrastructure.
Familiarity with compliance standards such as GDPR, HIPAA, and PCI DSS to ensure regulatory adherence.
Demonstrated leadership skills to guide and inspire a team of security professionals.
Excellent communication abilities to convey complex security concepts to non-technical stakeholders.
Strong problem-solving capabilities to analyze security issues and develop effective solutions.
Strategic thinking to anticipate future security challenges and implement proactive measures.
Demonstrates ownership mentality by taking responsibility for cybersecurity initiatives and driving a culture of accountability.