Cybersecurity Manager I KSA -Riyadh| Financial Services| Orient Insurance

  • Riyadh
  • Permanent
  • Full-time
  • 2 days ago
Job Requisition ID: 177132Established in the 1930s as a trading business, Al-Futtaim Group today is one of the most diversified and progressive, privately held regional businesses headquartered in Dubai, United Arab Emirates. Structured into five operating divisions; automotive, financial services, real estate, retail and healthcare; employing more than 35,000 employees across more than 20 countries in the Middle East, Asia and Africa, Al-Futtaim Group partners with over 200 of the world's most admired and innovative brands. Al-Futtaim Group's entrepreneurship and relentless customer focus enables the organization to continue to grow and expand; responding to the changing needs of our customers within the societies in which we operate.By upholding our values of respect, excellence, collaboration and integrity; Al-Futtaim Group continues to enrich the lives and aspirations of our customers each and every dayJob Description:The Cybersecurity Manager is responsible for protecting the organization's information systems, data, and digital assets from cyber threats. The role ensures the implementation of robust cybersecurity frameworks, compliance with regulatory requirements, and alignment with industry best practices within the Saudi insurance sector.What you will do1. Cybersecurity Strategy & Governance
  • Develop and implement the organization's cybersecurity strategy and roadmap.
  • Establish cybersecurity policies, standards, and procedures.
  • Ensure alignment with business objectives and risk management frameworks.
2. Regulatory Compliance
  • Ensure compliance with cybersecurity regulations and frameworks issued by Saudi Central Bank and the National Cybersecurity Authority.
  • Maintain adherence to applicable laws, standards, and guidelines (e.g., SAMA Cybersecurity Framework).
3. Security Operations & Monitoring
  • Oversee security operations, including threat detection, monitoring, and incident response.
  • Manage Security Operations Center (SOC) activities (internal or outsourced).
  • Ensure timely identification and mitigation of cybersecurity threats.
4. Risk Management & Assessment
  • Conduct regular cybersecurity risk assessments and vulnerability assessments.
  • Perform penetration testing and ensure remediation of identified vulnerabilities.
  • Maintain and update risk registers related to IT and cybersecurity.
5. Incident Response & Crisis Management
  • Develop and implement incident response and disaster recovery plans.
  • Lead investigations of cybersecurity incidents and breaches.
  • Ensure proper reporting and documentation of incidents.
6. Data Protection & Privacy
  • Ensure protection of sensitive customer and company data.
  • Implement data security controls and encryption standards.
  • Support compliance with data protection and privacy regulations.
7. Third-Party Risk Management
  • Assess cybersecurity posture of vendors and third-party service providers.
  • Ensure third-party compliance with security standards.
8. Awareness & Training
  • Develop cybersecurity awareness programs for employees.
  • Promote a strong security culture across the organization.
9. Technology & Tools Management
  • Oversee implementation and management of cybersecurity tools (SIEM, firewalls, endpoint protection, etc.).
  • Evaluate and recommend new security technologies.
Required Skills to be successful
  • Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or related field.
  • Minimum 7+ years of experience in cybersecurity or information security, preferably within insurance or financial services.
  • Experience in the Saudi regulatory environment is required.
  • Professional certifications such as CISSP, CISM, CEH, or ISO 27001 Lead Implementer/Auditor are highly preferred.
What equips you for the role
  • Strong knowledge of cybersecurity frameworks and standards.
  • Experience in SOC operations, incident response, and threat intelligence.
  • Knowledge of network security, cloud security, and application security.
  • Strong analytical and problem-solving skills.
  • Leadership and team management abilities.
  • Ability to communicate technical risks to non-technical stakeholders.
Key Relationships
  • IT Department
  • Risk & Compliance Teams
  • Internal Audit
  • External Vendors & Service Providers
  • Regulatory Authorities (e.g., Saudi Central Bank, National Cybersecurity Authority)
Performance Indicators (KPIs)
  • Number and severity of security incidents
  • Incident response and resolution time
  • Compliance with regulatory cybersecurity requirements
  • Vulnerability remediation timelines
  • Security awareness training completion rates
  • Results of internal and external audits
About Orient Insurance PJSCOrient Insurance Company commenced operations in 1982 as a part of the reputed Al-Futtaim Group and has since recorded a progressively steady growth. The Company is counted among the leaders in the UAE insurance market. Orient Insurance Company has a paid-up capital of AED 500 million which is the highest in the insurance industry in UAE. With head office in Dubai, the company serves its clientele through an extensive branch network in Jebel Ali, Abu Dhabi, Al Ain, Sharjah and Ras Al Khaimah in UAE, Muscat in Sultanate of Oman, Riyadh in Kingdom of Saudi Arabia and Bahrain.

Al-Futtaim