Senior Specialist, Information Security

Title:  Senior Specialist, Information Security

Location: 

Jeddah, Makkah, Saudi Arabia

Description: 

About Cruise Saudi

Cruise Saudi, launched in 2021 and wholly owned by the Public Investment Fund, aims to enhance Saudi Arabia's cruise industry from port development to full-scale operations, striving to position KSA as a top global cruise destination.

Job Title: Sr. Specialist, Information Security

Department: Information Technology

Location: Jeddah

Job Summary:

The Sr. Specialist, Information Security will play a crucial role in safeguarding our organization's information assets. Working closely with the Cybersecurity Lead under the Governance, Risk & Compliance (GRC) team, the Sr. Specialist will handle the operational aspects of our cybersecurity program. This position requires a deep understanding of information security principles, risk management, and compliance frameworks.

Key Responsibilities:

• Operational Security Management:

  • Implement and manage security measures to protect the organization's data, systems, and networks.
  • Monitor and analyze security alerts, logs, and reports to detect and respond to security incidents.
  • Perform vulnerability assessments and penetration testing to identify and address security weaknesses.

• Governance, Risk & Compliance:

  • Assist in the development and maintenance of information security policies, standards, and procedures.
  • Conduct regular risk assessments and audits to ensure compliance with industry standards and regulatory requirements.
  • Support the Cybersecurity Lead in developing and maintaining the organization's Cybersecurity framework.

• Incident Response:

  • Lead the investigation and resolution of security incidents and breaches.
  • Develop and implement incident response plans and procedures.
  • Coordinate with internal and external stakeholders during security incidents to ensure timely and effective resolution.

• Security Awareness and Training:

  • Develop and deliver security awareness training programs for employees.
  • Promote a culture of security awareness throughout the organization.

• Collaboration and Communication:

  • Work closely with Cybersecurity and other departments to ensure security measures are integrated into all aspects of the organization's operations.
  • Provide security guidance and support for IT projects and initiatives.
  • Communicate security risks and recommendations to senior management and stakeholders.

• Continuous Improvement:

  • Stay up-to-date with the latest cybersecurity threats, trends, and technologies.
  • Recommend and implement improvements to enhance the organization's security posture.
  • Participate in security forums, workshops, and training sessions to enhance knowledge and skills.

Qualifications:

• Education:

  • Bachelor's degree in Information Security, Computer Science, or a related field.
  • Relevant certifications such as CISSP, CISM, CEH, or equivalent are highly desirable.

• Experience:

  • Minimum of 5 years of experience in information security, cybersecurity, or a related field.
  • Proven experience in operational security management, risk assessments, and incident response.

• Skills and Competencies:

  • Strong understanding of information security principles, practices, and technologies.
  • Knowledge of industry standards and frameworks such as ISO 27001, NIST, and GDPR.
  • Proficiency in security tools and technologies, including SIEM, IDS/IPS, firewalls, and antivirus software.
  • Excellent analytical, problem-solving, and decision-making skills.
  • Strong communication and interpersonal skills, with the ability to work effectively with diverse teams.
  • Ability to manage multiple tasks and prioritize effectively in a fast-paced environment.

To learn more about Cruise Saudi, please visit the Home page | Cruise Saudi