CS Risk & Cyber Resilience Principle Expert

Job Purpose

The role holder is responsible for maintaining the risk register, identifying cybersecurity risks, and ensuring mitigation plans. They will oversee risk treatment, evaluate threats and controls, develop threat models, and ensure disaster recovery and business continuity plans include cybersecurity. The role holder shall carry out their duties in accordance with the stipulated business policies and procedures.

Job Responsibility

• Maintain risk register and ensure identifying cybersecurity risks
• Review risk register and ensure an appropriate mitigation plan is in place
• Ensure risk treatment plans are implemented in alignment with approved plans
• Ensure escalation of inherent inherent risks to ERM for business escalation and acceptance
• Evaluate business impact of sensitive or critical business information associated with target environments
• Evaluate threats and related risks to target environments and oversee collection of information on business applications to identify risks
• Evaluate cybersecurity controls effectiveness and adequacy for risk treatment
• Develop and maintain Threat Modeling, and associated risk scenarios
• Ensure Cyber Resilience team updates the framework update according to attacks and in alignment to the framework guidelines on the framework
• Ensure disaster recovery plans and business continuity management teams include CS in their events and account for CS attacks
• Oversee CS Resilience trainings and plans and support in developing them
  
  

Job Responsibility (cont.)

• Prepare test plan (incl. plans for the review process and run-throughs) and perform tests and verification against detailed applications & infrastructure CS BC/DR Requirements in alignment with GD Risk
• Maintain and develop stc KSA Cyber Resilience process, plans in alignment with BCM and BU partners
• Review CS resilience of CS DR controls and coordinate response to continuity and recover responses to cyber breaches and incidents in alignment with GD Risk.
• Evaluate CS systems operations performance and perform the required technical assessment to assure capturing any potential security risk and works with the owners to mitigate the highlighted risks
• Oversee the development of CS Risk methodology and communicate it with stc group subsidiaries
• Manage the development of the guidelines for stc group subsidiaries in alignment with CS GRC frameworks
• Ensure full alignment with CS Governance and any relevant function in regard to CS Risk and Cyber Resilience frameworks
  
  

Ensure proper alignment with CSDG Enablement in regard to any topic require sharing with the stc group subsidiaries

Years Of Experience

A minimum of 8 years

Nature Of Experience

• Related experience in leading the Cyber Security function for a large organization preferably within the telecom industry
  
  

Job Band

STP- Similar Director Manager

Skills

Education

Bachelor Degree in Computer Science or Information Technology

Additional Education

Certifications