CISO

Robert Walters


Date: 6 hours ago
City: Remote
Salary: SAR 50,000 - SAR 55,000 per month
Contract type: Full time
Remote

  • The CISO is responsible for establishing and maintaining the enterprise vision, strategy, and program to ensure information assets and technologies are adequately protected.
  • This role is critical and must oversee the Security of both Information Technology and Operational Technology.
  • This leader will ensure compliance with the National Cybersecurity Authority (NCA) regulations and align security initiatives with Saudi Vision 2030 digital transformation goals.

Key Responsibilities:

Strategy & Governance

  • Develop and implement a comprehensive cybersecurity strategy that aligns with the operational goals and safety standards.
  • NCA Compliance: Ensure full compliance with the Saudi National Cybersecurity Authority (NCA) regulations, specifically the Essential Cybersecurity Controls (ECC) and Critical Systems Cybersecurity Controls (CSCC).
  • Develop and enforce security policies, standards, and procedures for both corporate and industrial networks.
  • Report the state of cybersecurity directly to the Board of Directors and Executive Committee.

IT/OT Convergence & Critical Infrastructure Protection

  • OT Security - Oversee the protection of Industrial Control Systems (ICS), signaling systems (e.g., ERTMS/ETCS), and rolling stock operational data.
  • Bridge the gap between IT and Engineering/Operations teams to ensure a unified security posture.
  • Conduct regular threat modeling for critical infrastructure to prevent cyber-physical attacks.

Risk Management & Incident Response

  • Manage the Cyber Security Operations Center (CSOC) and ensure 24/7 monitoring of threats.
  • Lead the Incident Response Team (IRT) in the event of a breach, minimizing operational downtime and reputational damage.
  • Conduct regular vulnerability assessments and penetration testing on booking systems, mobile apps, and control networks.

Data Privacy & Vendor Management

  • Ensure compliance with the Saudi Personal Data Protection Law (PDPL) regarding passenger and employee data.
  • Oversee Third-Party Risk Management (TPRM), ensuring that supply chain partners (locomotive manufacturers, signaling vendors, maintenance providers) meet security standards.

Required:

  • Minumum 10 years of experience in Information Security, with at least 4 years in a leadership role (CISO, Head of Security, etc.).
  • Experience in Critical Infrastructure sectors.
  • Proven experience managing OT/ICS security environments (SCADA, PLC security).
  • Any 2 Certifications - CISSP, CISM, CISA or GICSP ((Global Industrial Cyber Security Professional).
  • Deep understanding of NCA frameworks (ECC, CSCC, DCC).
  • Strong understanding of Cloud Security (Azure/AWS) and IoT security.
  • The ideal candidate must possess deep knowledge of Saudi National Cybersecurity Authority (NCA) regulations, specifically ECC and CSCC standards.
  • Due to the critical nature of the role, Saudi Nationals are strongly preferred in alignment with Vision 2030 and Nitaqat requirements.

How to apply

To apply for this job you need to authorize on our website. If you don't have an account yet, please register.

Post a resume

Similar jobs

Regional QSHE Coordinator

Almarai - المراعي, Remote
1 day ago
Regional QSHE Coordinator | Hail, Saudi ArabiaThe Company Almarai is the world’s largest vertically integrated dairy and the region’s largest food and beverage manufacturing and distribution company. Headquartered in the Kingdom of Saudi Arabia, Almarai Company is ranked as the #1 FMCG Brand in the MENA region and is a market leader in all its categories across the GCC. Almarai...

Clerk-Reservations

Four Points by Sheraton, Remote
2 days ago
Additional InformationJob Number 26055443Job Category ReservationsLocation Third Ring Road Al Naseem District at Al Rajhi Mosque, Makkah, Saudi Arabia, Saudi Arabia, 21955VIEW ON MAPSchedule Full TimeLocated Remotely? NPosition Type Non-ManagementPosition SummaryProcess all reservation requests, changes, and cancellations received by phone, fax, or mail. Identify guest reservation needs and determine appropriate room type. Verify availability of room type and rate. Explain...

Office Administrator

MillerKnoll, Remote
2 days ago
Why join us? Our purpose is design for the good of humankind. It’s the ideal we strive toward each day in everything we do. Being a part of MillerKnoll means being a part of something larger than your work team, or even your brand. We are redefining modern for the 21st century. And our success allows MillerKnoll to support causes...