Information Security Manager
| Contract Type | Full-time |
| Workplace type | On-site |
| Location | Jeddah |
Job Description
About the Role
My Clinic KSA, a leading multispecialty outpatient care provider in Saudi Arabia since 2017, is seeking an Information Security Manager to lead its information and cybersecurity program. This full-time position is based in Jeddah and Makkah.
Role Overview and Responsibilities
The Information Security Manager will be responsible for developing and executing comprehensive security and risk management strategies, with a primary focus on Governance, Risk, and Compliance (GRC). This role ensures the protection of sensitive patient data and adherence to cybersecurity regulations, including CIS, NIST, and National Cybersecurity Authority (NCA) controls and standards. Key responsibilities include:
- Developing and implementing information security and data protection policies aligned with industry standards (CIS, NIST, NCA) and KSA's Personal Data Protection Law (PDPL).
- Leading enterprise-wide risk assessments, maintaining a risk register, and implementing mitigation strategies.
- Overseeing outsourced Security Operations Center (SOC) activities, ensuring effective threat monitoring, detection, and response, and reviewing SOC performance against KPIs.
- Ensuring organizational compliance with cybersecurity frameworks (CIS, NIST, NCA) and data protection regulations, including those from SDAIA and NCA.
- Performing Data Protection Impact Assessments (DPIAs) to evaluate and mitigate risks associated with data processing.
- Overseeing the development and execution of incident response plans for cybersecurity and data breach incidents, ensuring timely reporting and incorporation of lessons learned.
- Designing and delivering organization-wide training and awareness programs on cybersecurity and data protection.
- Evaluating and monitoring third-party vendor contracts for compliance with cybersecurity and data protection requirements.
- Conducting regular audits of cybersecurity practices and GRC controls, providing recommendations for identified gaps.
- Serving as a focal point for senior management on cybersecurity risks and GRC initiatives, providing regular reports on risk status.
- Coordinating the execution of IT security operations with IT and business senior management to ensure robust asset protection.
- Leading and mentoring the internal information security team, fostering professional growth.
Qualifications and Experience
Candidates should possess:
- A Bachelor’s degree in Information Technology, Cybersecurity, Computer Science, Information Systems, Business Administration, or a related field. A Master’s degree in Cybersecurity, Information Security, or Risk Management is highly desirable.
- A minimum of 5-10 years of experience in information security or cybersecurity operations.
- At least 3 years in a managerial, supervisory, or advisory role focused on Governance, Risk, and Compliance (GRC) or risk management.
- Experience overseeing or collaborating with outsourced Security Operations Centers (SOCs) is preferred.
Required Knowledge and Skills
The ideal candidate will have:
- In-depth understanding of cybersecurity frameworks such as CIS, NIST, ISO 27001, and NCA controls.
- Comprehensive knowledge of data protection and privacy laws, including KSA’s PDPL and international regulations (e.g., GDPR, HIPAA).
- Familiarity with KSA’s regulatory environments, including SDAIA and NCA.
- Strong understanding of risk management methodologies.
- Knowledge of IT service management (ITSM) frameworks, such as ITIL.
- Proficiency in IT operations, service management, and cybersecurity practices, including incident response, threat detection, and vulnerability management.
- Expertise in risk assessment tools and methodologies.
- Familiarity with security information and event management (SIEM) systems, intrusion detection/prevention systems (IDPS), and other security monitoring tools.
- Ability to evaluate and oversee third-party security providers, including SOC performance metrics and KPIs.
- Strong analytical skills to interpret security data and integrate operational insights into risk management frameworks.
Professional Certifications
Required certifications include CompTIA Security+ and ISC2 Certified in Cybersecurity (CC). Certified Information Security Manager (CISM) or Certified Information Systems Security Professional (CISSP) certifications are preferred. Highly desirable certifications include ISO 27001 Lead Auditor (LA) or Lead Implementer (LI), Certified in Risk and Information Systems Control (CRISC), ITIL Foundation, Certified Ethical Hacker (CEH), or CompTIA Security+.
Requirements
- Requires 5-10 years of experience