The Cybersecurity Operations Manager is responsible for the organisation's 24/7 Security Operations Centre (SOC) in the Kingdom of Saudi Arabia. Reporting to the Cyber Security Manager (KSA) with functional alignment to the Regional CISO and Cyber Governance Office, the role drives continuous improvement of SOC capabilities, communicates operational risk and performance metrics to senior leadership, and champions a culture of security across the enterprise.
In addition, the manager provides high-level security guidance and approves architecture decisions to ensure all new solutions align with regional standards, zero-trust principles, and Saudi NCA ECC/CCC controls.
Duties and Responsibilities:
- Maintain a resilient 24/7 SOC that meets agreed service-level objectives for mean-time-to-detect (MTTD) and mean-time-to-respond (MTTR).
- Ensure full compliance with Saudi national cybersecurity regulations (NCA ECC/CCC) and other applicable legislation and standards (ISO 27001, PCI-DSS, etc.).
- Optimise cybersecurity budget and resources to balance risk reduction with business value.
- Develop and retain talent, building a high-performing cybersecurity-operations team with clearly defined career paths.
- Embed secure-by-design architecture governance, guaranteeing that material technology changes and projects pass security-design review and conform to the enterprise reference architecture.
Key Responsibilities
Responsibilities are grouped for clarity; operations remain the primary focus, with architecture covered in a dedicated secondary section.
- Lead the 24/7 SOC in KSA, ensuring effective monitoring, detection, triage, analysis, containment, eradication, and recovery from cybersecurity incidents.
- Develop, communicate, and periodically review SOC strategy, policies, and procedures to align with organisational objectives and the cybersecurity strategy.
- Advocate cybersecurity topics with senior management, ensuring strategic goals include robust cyber-defense capabilities.
- Obtain and manage resources (people, technology, budget) to achieve strategic cybersecurity goals.
- Maintain knowledge of emerging threats, technologies, and regulatory changes impacting the SOC.
Risk Governance & Compliance
- Ensure cybersecurity risks identified by SOC monitoring are logged, assessed, and treated through the organisation's risk-governance process.
- Track audit findings and recommendations, ensuring timely mitigation.
- Collaborate with stakeholders to integrate cybersecurity requirements into business continuity (BCP) and disaster-recovery (DR) programmes.
- Periodically review cybersecurity strategy, policies, and related documents for compliance with Saudi NCA regulations, UAE IAS v2 (where relevant), and other applicable standards.
SOC Operations & Incident Response
- Direct daily SOC operations, validating that protection, detection, and response capabilities are operating as designed.
- Coordinate cybersecurity inspections, tests, and red-team / purple-team exercises.
- Serve as escalation point and executive liaison during major incidents, ensuring effective communication with internal stakeholders and third parties.
- Oversee incident post-mortems, root-cause analysis, and continuous-improvement actions.
- Ensure accurate, timely operational and management reporting (KPIs, KRIs, compliance dashboards, executive summaries).
Threat & Vulnerability Management
- Maintain robust vulnerability identification, prioritisation, and remediation processes; track remediation metrics.
- Oversee threat-intelligence collection, analysis, and operational use.
- Evaluate new technologies, tools, and upgrades, approving cybersecurity capabilities before adoption.
- Ensure supply-chain and third-party cybersecurity risks are identified and managed, especially in mergers, acquisitions, and outsourcing.
Security Architecture
- Conduct security-architecture gap assessments and maintain the cybersecurity reference architecture for on-prem, cloud, and OT environments.
- Contribute to the Cyber Security Steering Committee, approving or rejecting architectural decisions for new systems, integrations, and major cloud migrations.
- Define and maintain secure-configuration baselines (e.g., CIS) and champion infrastructure-as-code patterns that enforce them.
- Provide security input to procurement specifications and evaluate vendor architectures during RFPs.
- Translate business and regulatory requirements into technical security controls, ensuring alignment with zero-trust principles and regional governance standards.
Training, Awareness & Talent Management
- Ensure regular cybersecurity awareness and role-based training for all staff.
- Develop SOC-analyst competency frameworks and certification paths (e.g., GSEC, GCIA, GCIH, GCFE).
- Mentor, coach, and evaluate team members; foster a culture of knowledge-sharing and continuous learning.
Desired Candidate Profile
1. Minimum qualifications and certifications
- Education: Bachelor’s in Computer Science, Information Security, or related field (Master’s preferred).
- Experience: 8+ years in cybersecurity with at least 3 years managing SOC or security-operations teams; exposure to security-architecture or design-review boards is highly desirable.
- Certifications (preferred): CISSP, CISM, CCSP, GCIH, GCIA, TOGAF.
- Language: Fluent English and Arabic.
2. Skills and knowledge
Operations-focused knowledge remains unchanged (network security, incident response, risk, compliance, cloud, cryptography). Additional architecture-specific competencies include: secure-configuration management, security-design methodologies, enterprise architecture frameworks, security-design trade-off analysis, and evaluation of emerging technologies.
- Develop and maintain policies reflecting business and cybersecurity strategic objectives.
- Evaluate vendor solutions, negotiate agreements, and manage MSSP relationships.
- Lead multidisciplinary teams in a high-pressure, 24/7 environment.
- Design countermeasures to identified architectural security risks and translate operational needs into protection requirements.