
Robert Walters
Information Security Manager – Banking/Cybersecurity
- Permanent
- Riyadh, Saudi Arabia
- Experience 5 - 10 yrs
Job expiry date: 28/03/2026
Job overview
- Date posted: 11/02/2026
- Location: Riyadh, Saudi Arabia
- Salary: SAR 30,000 - 40,000 per month
Job description
The Information Security Manager is a mid-management role based onsite in Riyadh, Saudi Arabia, within the Banking industry, specializing in cybersecurity and information security management. Reporting to the General Manager, the role is responsible for developing, implementing, and maintaining the branch's information security strategy while ensuring compliance with regulatory requirements, including SAMA regulations. The role encompasses managing cybersecurity risks, protecting critical banking systems such as SARIE and TANFEETH, overseeing incident response processes, and maintaining secure network and endpoint environments. The manager will lead cross-functional teams, manage vendor relationships, allocate budgets for security initiatives, and ensure alignment of the branch's information security framework with business objectives and industry standards. Responsibilities include conducting regular risk assessments, vulnerability testing, cybersecurity drills, and post-incident investigations, as well as providing guidance and training to employees on cybersecurity best practices. The candidate is expected to stay updated on emerging threats, implement security policies and procedures, monitor system and network activities, manage firewalls, IDS/IPS, and encryption tools, and act as a liaison with internal departments, auditors, regulators, and other stakeholders. The ideal candidate possesses extensive experience in financial services cybersecurity, professional certifications such as CISSP, CISM, CISA, or CEH, familiarity with SARIE/TANFEETH systems, strong technical expertise in network and endpoint security, and knowledge of SAMA regulations. Multilingual capabilities (English/Chinese) are considered an advantage.
Key responsibilities
- Develop, implement, and maintain the branch’s information security policies, procedures, and strategies, ensuring compliance with SAMA regulations and other applicable regulatory frameworks, while conducting regular reviews to align with evolving threats and regulatory requirements.
- Identify, analyze, and mitigate cybersecurity risks across all banking systems and operations, perform regular risk assessments and vulnerability testing, and maintain a robust incident response plan to address potential security breaches.
- Oversee system security and operations, including the implementation and monitoring of security measures for critical systems such as SARIE and TANFEETH, manage firewalls, IDS/IPS, endpoint protection, and encryption tools, and monitor network activity for unauthorized access or suspicious behavior.
- Manage relationships with third-party vendors, oversee procurement and maintenance of security solutions (software and hardware), allocate budgets for information security initiatives, and ensure alignment of vendor services with branch security objectives.
- Collaborate with internal departments to ensure secure system integration and data protection, act as a liaison between the branch, regulators (SAMA), auditors, and other stakeholders, provide guidance on cybersecurity best practices, and lead staff training and awareness programs.
- Design and execute cybersecurity drills to test preparedness, lead post-incident investigations to identify root causes, implement corrective actions, and ensure continuous improvement of the branch’s cybersecurity framework and business continuity capabilities.
Experience & skills
- Bachelor’s or Master’s degree in Cybersecurity, Information Technology, Computer Science, or related fields with proven academic excellence and technical knowledge applicable to financial institutions.
- Minimum of 8 years of professional experience in information security management, cybersecurity operations, or related roles, with significant exposure to banking or financial services environments.
- Professional certifications such as CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), CISA (Certified Information Systems Auditor), CEH (Certified Ethical Hacker), or equivalent, demonstrating advanced knowledge of information security principles and practices.
- Extensive knowledge of regulatory frameworks, specifically SAMA cybersecurity regulations, and experience ensuring compliance within financial institutions or regulated environments.
- Hands-on technical expertise in network security, endpoint protection, encryption protocols, vulnerability management, identity and access management (IAM), intrusion detection and prevention systems (IDS/IPS), firewalls, and monitoring tools.
- Proven experience in developing, implementing, and maintaining information security policies, procedures, and frameworks aligned with business objectives and industry best practices.
- Demonstrated ability to lead cross-functional teams during security incidents, coordinate with internal and external stakeholders, and maintain business continuity under pressure.
- Experience with critical banking systems such as SARIE and TANFEETH, with understanding of their security requirements and operational considerations.
- Strong skills in incident response, risk assessment, disaster recovery planning, security audits, and cybersecurity awareness programs.
- Excellent communication, interpersonal, and leadership abilities to liaise with regulators, auditors, executives, vendors, and staff across multiple levels.
- Ability to stay updated on emerging cybersecurity threats, trends, and technologies, providing proactive recommendations for continuous improvement of security posture.
- Multilingual capabilities (English and/or Chinese) are considered an advantage for communication with diverse stakeholders and multinational teams.