Information Protection Section Head
Summary
| Title: | Information Protection Section Head |
|---|---|
| ID: | 3078 |
| Department: | Information Technology |
| Location : | Riyadh |
| Nationality : | Saudi Arabia |
| Industry: | IT Services |
| Type of Contract : | Full-time |
Description
Responsibilities
- Define, establish and maintain the Identity & Access Management (I&AM) solutions architecture in a holistic manner, with coverage across technology, process and people components.
- Manage the usage of highly sensitive/privileged accounts that are used by all users.
- Manage and operate the corporate directory service (Microsoft Active Directory)
- Responsible for the day-to-day support of SAP GRC (Governance Risk & Compliance) Access Controls.
- Leads the enhancement process for the Identity Access Management (IAM) solutions.
- Manage the functions (security monitoring, threat intelligence, incident investigation and handling) of the 24/7 security intelligence center (SIC).
- Monitor SIC functions Service level agreements, key performance indicators, determine gaps in performance metrics, and recommend change management processes for efficiency and quality improvements.
- Identify root cause of incidents through evidence collection in a forensically sound manner and determine if any data was compromised.
- Responsible for the overall security operations in Sadara environment in order to effectively identifying, quantifying, protecting and managing cybersecurity vulnerabilities and threats across the organization domain.
- Works with Internal audit and quality assurance to close all audit findings, if any.
- Manages Third Party Security vendors who provide MSS or other security services.
- Highlight/identify operational gaps (performance and capacity) in existing architectures and functionality and review service requirements with stakeholders. Ensure that relevant stakeholders are involved in specification of new services and/or major upgrades to existing services.
- Develop preventive maintenance plans appropriately allocated between the managed services provider and the organization IT staff. Inspect/audit periodically to ensure maintenance activities meets defined standards.
- Evaluate managed services contracts and recommend options to improve the services and cost effectiveness
Requirements
- Bachelor’s degree in computer science, Engineering, Cybersecurity or any related field.
- Preference: Cybersecurity Professional Certification, such as Security+, CISSP, CCNA Security or CEH.
- Strong knowledge of information security frameworks and principles
- Working knowledge of Identity & Access Management Solutions.
- Knowledge of SAP GRC solution.
- Hands-on experience in SOC or Security Incident response teams.
- Working knowledge of Endpoint and network security solutions.
- Knowledge of cybersecurity threats and vulnerabilities.
- Familiarity with Vulnerability management solutions.
- Working knowledge of Windows and Linux networking, IAM, SIEM technologies and IDS/IPS Systems.
- Knowledge of cybersecurity threats, risks and issues posed by new technologies and malicious actors.
- Solid understanding of Government Cybersecurity guidelines (such as NCA).
- Technical knowledge and experience working in delivering and managing IT Services in any large IT Organization.
- Excellent communication skills and team spirit.
- Analytical thinking abilities and customer focus
- Manage, plan, direct and control all the activities in the Team for development and delivery of Information Protection to meet business needs.
- Support Information Protection Senior Manager in the budget planning activities.
- Ensure all tasks and activities of all team members are performed in accordance with the organization standards and procedures.
- Assess the current skill set of employees and identify the need for development programs or specific technical training.
- Motivate, coach, develop and support employees, including periodic performance reviews.
- Support team members on their personal development and career.
