Head of IT Security

Overview

The Head of IT Security will be responsible for designing, implementing, and managing the security measures defined by the Cyber-Security Department to safeguard our cloud infrastructure, applications, and data. Working closely with the Cyber-Security team, the candidate will develop and execute comprehensive security strategies, mitigate security risks, and ensure compliance with industry standards and regulations [covering SAMA Cyber Security Framework and the NCAA].

Responsibilities

• Lead and mentor a diverse team of Security Engineers, fostering a collaborative and high-performance culture aligned with the bank’s goals.
• Provide technical guidance, promote continuous learning, and deliver training programs to enhance team members’ capabilities.
• Administer and maintain the Security Information and Event Management (SIEM) platform, ensuring systems are up to date and compliant.
• Conduct security assessments and audits to identify and mitigate risks across infrastructure and applications.
• Implement and manage cloud security controls, including OS hardening, SIEM solutions, patch management, DLP, endpoint detection, security tagging, threat detection, cloud logging and monitoring, and cloud security tools.
• Resolve security observations identified by regulators, auditors, penetration tests, and internal cybersecurity teams.
• Implement threat detection tooling and monitor the security posture of all devices and servers.
• Ensure regulatory physical security tooling is implemented within the bank’s facilities.
• Implement Data Loss Prevention controls to maintain operations and meet RPO/RTO goals.
• Deploy and manage authentication and authorization tools covering Active Directory, Single Sign-On, security groups, permissions, and IAM.
• Participate in data center audits and reviews from a security perspective.
• Ensure vulnerability scanning services are implemented and maintained.
• Maintain awareness of major security threats and recommend improvements to security posture.
• Configure and manage VPNs to securely control application access.
• Enforce the principle of least privilege across the organization.
• Implement and manage web security policies, including URL filtering and threat protection.
• Monitor and respond to container security threats.
• Collaborate with cross-functional teams to design, implement, and maintain security solutions that align with business objectives and best practices.
• Participate in meetings with internal customers, negotiate expectations, and ensure alignment with security requirements.
• Collaborate with the cybersecurity team to enforce standards, implement controls, and meet regulatory requirements.
• Lead the team in resolving technical issues, outages, and performance bottlenecks.
• Manage manpower planning, set performance goals, and conduct evaluations for direct reports.
• Provide continuous coaching, feedback, and development opportunities to team members.
• Coordinate with other departments to ensure effective communication of security policies and awareness training.
• Oversee technical security configurations, patching, and system hardening.
• Monitor and manage security operations including SIEM alerts, intrusion detection, and endpoint protection.
• Coordinate vulnerability scanning, penetration testing, and remediation of identified weaknesses.
• Administer and monitor privileged accounts and technical access controls.
• Support incident response through containment, investigation, and recovery activities.
• Implement safeguards to meet regulatory and audit requirements.
• Provide technical security input for IT projects, upgrades, and integrations.

Qualifications & Experience

• Bachelor’s degree in Computer Science, Information Technology or related field within Security
• At least 6 years’ experience administering and maintaining Security tools such as SIEM, EDR, Brand Protection, WAF, OS Security, Cloud security, Network Security, database security, application security, Active Directory and Container security technologies.
• Proven experience in leading technical teams
• At least 14 years of experience working with and administering both on-premises and SaaS security-related tools associated with the position.
• At least 6 years’ experience in managing technical teams
• Demonstrated expertise in the implementation, management, and maintenance of a variety of security tools and technologies, including but not limited to those listed in the job description.
• Experience with cloud security, including AWS, Azure, and Google Cloud Platform, as well as on-premises security solutions.
• Relevant certifications, such as CISSP, CISM, or similar, are a plus.
• Knowledge in tools like Zscaler and SentinelOne
• Banking Experience preferred
• Understanding of EndPoint Detection / Anti-virus tools
• Understanding of different cloud encryption method
• Knowledge of Oracle Vault, AWS KMS, and HSM solutions
• Technical Skills: Good knowledge of technology regulatory requirements in the KSA and Middle East
• Excellent written and verbal communication skills, with the ability to communicate technical information to non-technical stakeholders.
• Strong understanding of security principles, protocols, and best practices.
• Proven ability to monitor and analyze security threats, triaging incidents and taking appropriate remediation measures to protect the organization.
• Strong problem-solving skills, with the ability to work independently and within a team.
• In-depth technical knowledge and experience in enabling agile Digital Banks, including: public, private and hybrid cloud platforms and tools
• Must be experienced with operating systems like Windows, Linux, and UNIX

Note

VaporVM and related branding appear in the original content; this refined version excludes candidate forms, multiple job postings, and extraneous boilerplate to maintain a focused, job-focused description.