Qiddiya Investment Company is at the cutting edge of real estate and entertainment development, and we are currently seeking an experienced and strategic Manager - Cybersecurity Risk Management to join our team. In this pivotal role, you will be responsible for developing and overseeing the implementation of a comprehensive cybersecurity risk management framework that protects our critical information assets and ensures compliance with relevant regulations.
Your expertise will be essential in identifying, assessing, and mitigating cybersecurity risks while fostering a culture of security awareness throughout the organization. You will collaborate closely with cross-functional teams to enhance our overall security posture.
Responsibilities
- Lead the development and execution of the Cybersecurity Risk Management strategy and road map, ensuring alignment with applicable Saudi regulations, business objectives, and IT strategies.
- Develop, implement, and maintain a comprehensive Cybersecurity Risk Management program in alignment with Enterprise Risk Management (ERM).
- Oversee the development and implementation of cybersecurity risk management methodologies, ensuring alignment with applicable regulations and ERM methodologies.
- Collaborate with the Cybersecurity Architecture team to ensure integration and alignment with Enterprise Architecture (EA).
- Drive the development, implementation, and maintenance of cybersecurity awareness and training programs tailored to organizational risks.
- Evaluate and oversee the cybersecurity aspects of contracts to ensure risks are identified and mitigation plans are in place.
- Develop, maintain, and ensure proper review and update of the cybersecurity risk register.
- Lead the yearly budgeting exercise to ensure sufficient resources are allocated for cybersecurity risk management.
- Provide expert advice to senior management on cybersecurity risk management matters and emerging threats.
- Mentor and develop a team of cybersecurity risk management professionals, ensuring they have the skills and knowledge to perform their roles effectively.
Requirements
- Bachelor's degree in Cybersecurity, Information Technology, Risk Management, or a related field.
- 5+ years of experience in cybersecurity risk management or IT security roles.
- Strong expertise in cybersecurity frameworks, standards, and best practices (e.g., NIST, ISO 27001, COBIT).
- Proven experience conducting risk assessments and managing risk mitigation strategies.
- Relevant certifications such as Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), or Certified Risk Management Professional (CRMP) are highly desirable.
- Excellent analytical, communication, and leadership skills.
- A proactive approach to problem-solving and decision-making in high-pressure environments.
Benefits
Offering a comprehensive compensation and benefits package.