Head of Security📣 إعلان
| نوع العقد | دوام كامل | |
| طبيعة الوظيفة | بالموقع | |
| الموقع | مكة المكرمة |
وصف الوظيفة
About the Role
Salla is seeking a Head of Security to lead its security strategy and operations. This full-time position is based in Makkah, Saudi Arabia. The Head of Security will be the senior authority responsible for the security of Salla's platform, people, and merchants, translating risk into business language for executive leadership and the Board, and establishing security as a competitive advantage.
Key Responsibilities
- Develop and maintain the enterprise security strategy, roadmap, and operating model across cloud, network, endpoint, physical, and GRC domains, supporting Salla's growth and public-listing readiness.
- Serve as the primary security advisor, briefing the executive team and Board on cyber risk posture, investment priorities, and regulatory exposure.
- Define and manage the security budget, headcount plan, and tooling portfolio, focusing on measurable return on security investment.
- Establish security KPIs, OKRs, and a metrics-driven reporting cadence for leadership and audit committees.
- Lead cloud security initiatives, including platform hardening, network segmentation, secrets management, and workload protection, with a preference for AWS.
- Govern Infrastructure-as-Code security, container and Kubernetes security, and CI/CD pipeline integrity.
- Drive Cloud Security Posture Management and continuous compliance against recognized frameworks.
- Own network security architecture, including edge protection, DDoS mitigation, web application firewall, segmentation, and zero-trust network access.
- Oversee the CDN and edge security stack, bot management, and origin lockdown for high-traffic services.
- Lead endpoint protection across corporate and engineering fleets, including EDR/XDR and device hardening.
- Manage a continuous vulnerability and patch management program with clear remediation SLAs.
- Oversee physical security for Salla's offices and facilities in Makkah and other sites, including access control and CCTV.
- Lead Identity and Access Management (IAM) strategy, including single sign-on, multi-factor authentication, and privileged access management.
- Build and operate the security operations capability, including SIEM, detection engineering, and threat intelligence.
- Own the incident response lifecycle from preparation through recovery and post-incident review.
- Lead GRC functions, manage the enterprise risk register, and oversee risk assessment and treatment.
- Lead certification and audit programs (*, ISO 27001, SOC 2, PCI DSS) and ensure alignment with Saudi regulatory frameworks.
- Ensure data protection and privacy compliance under Saudi Personal Data Protection Law and SDAIA requirements.
- Prepare Salla's security and IT governance posture for Tadawul listing.
- Establish and manage the third-party risk program, including security due diligence and vendor onboarding.
- Develop and implement a company-wide security awareness and training program.
- Lead, mentor, and grow a multidisciplinary security organization.
- Forge cross-functional partnerships with Engineering, SRE, IT, Legal, HR, and Finance.
Qualifications and Experience
- 12+ years in information and cyber security, with at least 5 years in senior security leadership roles (Head of Security, Director, or CISO-track) within SaaS, fintech, or e-commerce organizations.
- Demonstrated ownership of security across multiple domains: cloud, network, endpoint, physical, and GRC.
- Deep hands-on and architectural knowledge of cloud security, particularly AWS, including Kubernetes and modern CI/CD practices.
- Proven experience building and operating security operations and incident response at scale.
- Strong GRC experience, including ISO 27001, PCI DSS, GDPR, and relevant Saudi regulatory frameworks (NCA ECC and CCC, PDPL and SDAIA; SAMA CSF is a plus).
- Experience leading audits and certifications, including IPO or regulatory-readiness programs.
- Excellent executive communication skills, with the ability to translate technical risk into business and regulatory language for the Board.
- Bachelor's degree in Computer Science, Engineering, Information Security, or a related field.
- Must be a Saudi National.
- Willingness and eligibility to work on-site in Makkah, Saudi Arabia.
متطلبات الوظيفة
- للسعوديين فقط
- تتطلب اكثر من ١٠ سنوات خبرة
وظائف مشابهة
قد يعجبك أيضاً
- وظائف ذات صلة بـ Head of Security
- وظائف Sales Representative في الخبر
- وظائف مدير مشتريات في الخبر
- وظائف مصمم جرافيك في الخبر
- وظائف محضر قهوة (باريستا) في الخبر
- وظائف أخصائي تسويق في الخبر
- مجالات وظيفية أخرى في مكة المكرمة
- وظائف Sales Representative في مكة المكرمة
- وظائف مدير مشتريات في مكة المكرمة
- وظائف محاسب زبائن (كاشير) في مكة المكرمة
- وظائف محضر قهوة (باريستا) في مكة المكرمة
- وظائف أخصائي تسويق في مكة المكرمة
- وظائف مسوق عقاري في مكة المكرمة
- وظائف STOREKEEPER في مكة المكرمة
- وظائف Legal Specialist في مكة المكرمة
- وظائف Sales Consultant في مكة المكرمة
- وظائف Quality Controller في مكة المكرمة
- استكشف الوظائف في أنحاء المملكة
- وظائف معلم ثانوي اجتماعيات في الرياض
- وظائف مهندس كهربائي في الدمام
- وظائف فني هندسة مدنية في الوجه
- وظائف معلم ثانوي تربية فنية في ابها
- وظائف أخصائي صحة وسلامة مهنية في بقيق
- وظائف اخصائي علاج طبيعي في المبرز
- وظائف أخصائي علاج طبيعي في سكاكا
- وظائف طبيب أسنان عام في القطيف
- وظائف مشرف فني في ابو عريش
- وظائف مراقب اجتماعي في الدمام