KSA Security Director

Our Culture:

At STS we are proud of our culture and how it drives everything we do. We are looking for individuals who share our values and want to be part of a unique and engaging culture that revolves around collaboration and innovation. If you are looking for a role where you can drive engagement and excellence across teams through commitment and collaboration, and are someone who is customer-centric and appreciates an organization with uncompromised integrity that focuses on employee engagement then read on to learn more about how you can become part of the STS family.

Our Code of Conduct:

At STS we strictly adhere to our code of conduct, which is there to serve as a moral compass, offering a framework for responsible behaviours and enabling ethical choices that cultivate positive relationships and a better future. It also outlines policies, standards, and procedures for our global operations, promoting integrity and ethical excellence across the countries we engage with.

Every year, all employees are required to review, comprehend, confirm, and adhere to the code of conduct. Additionally, all newly hired employees are subject to the same as part of their onboarding process.

Duties and Responsibilities:

• Supervising the development and updating of the cyber security strategy.
• Supervising the development and implementation of methodologies and procedures for monitoring cybersecurity incidents, directing cybersecurity activities, continuously following them up, and reporting on them.

• Supervising the development and updating of the methodology and procedures for managing cyber security risks.

• Ensure that cyber security standards and procedures are developed, approved and applied.

• Supervising the development and updating of cybersecurity policies based on cybersecurity requirements.

• Ensure that the cyber security risk management is compatible with the risk management in STS-KSA.

• Providing solutions and recommendations on cybersecurity to reduce cyber risks to information and technology assets.

• Providing the necessary guidance and support and addressing issues related to planning and managing human resources related to cyber security (such as: recruitment and training).

• Supervising the identification of cybersecurity requirements in accordance with the relevant legislative and regulatory requirements and ensuring compliance with them.

• Overseeing and reporting cyber security response incidents.

• Oversee the continuous assessment of vulnerabilities and follow up on the application of security update packages and settings.

• Oversee the collection and analysis of proactive information related to cybersecurity from national sources or international sources.

• Supervise conducting periodic penetration tests on all externally provided services and their technical components to assess the level of cybersecurity.

• Supervising the preparation of cybersecurity design principles, cybersecurity designs for systems and networks, and cybersecurity architecture, while ensuring alignment with the Enterprise Architecture.

• Supervising the management of logical access to the information and technical assets of the STS-KSA by defining, documenting and implementing cyber security requirements for managing access identities.

• Supervising the preparation of the budget for the implementation of cyber security initiatives and projects. Ensure that cyber security requirements are reviewed periodically. Providing support and supervising the preparation of an appropriate mechanism for measuring performance indicators (KPIs) for cybersecurity work and sharing them with the supervisory committee for cybersecurity.

• Communicate with the National Cybersecurity Authority and manage the relationship with it. Supervising cybersecurity programs, including the cybersecurity awareness program.

• Bachelor’s degree in Computer Science or a related technical discipline, or the equivalent combination of education, technical certifications or training, or work experience
• Must Hold Saudi Nationality
• At least 9 years of progressive information security and cybersecurity experience
• Professional security certification is preferred: CompTIA Security+, CEH, CISA, CISM, CISSP etc.