IT Security Manager

Job Description

Black & Grey HR is recruiting for a well-established retail group in Saudi Arabia looking to hire a skilled Network Support Engineer. The ideal candidate will be responsible for maintaining, supporting, and optimizing the company’s network infrastructure to ensure business continuity across distributed retail locations.

Security Strategy Development & Implementation

• Formulate and enforce a comprehensive IT security strategy aligned with business goals and risk management objectives.
• Establish and maintain security policies, standards, and procedures to safeguard sensitive data and prevent unauthorized access.
• Collaborate with business units to integrate security requirements into IT systems and workflows.

Incident Response & Risk Management

• Lead response efforts during security incidents, including investigation, containment, and remediation.
• Conduct regular risk assessments, vulnerability scans, and penetration tests to identify system weaknesses.
• Analyze security alerts and incidents, taking appropriate actions to minimize risks.

Security Operations & Monitoring

• Oversee the operation of security tools (e.g., SIEM, firewalls, IDS / IPS, endpoint protection) to detect and respond to threats.
• Ensure continuous monitoring of critical infrastructure for real-time threat detection and response.
• Manage vulnerability remediation, including patch deployment and system updates.

Compliance & Audit Readiness

• Ensure adherence to regulatory standards such as GDPR, HIPAA, and PCI-DSS.
• Conduct internal audits and assessments to verify the effectiveness of security controls.
• Coordinate and support external audits and compliance assessments.

Leadership & Team Development

• Lead, mentor, and develop a team of security analysts and engineers.
• Promote cybersecurity awareness through ongoing training and education.
• Cultivate a culture of proactive security and risk awareness across the organization.

Cross-Functional Collaboration

• Partner with IT teams to embed security within infrastructure, applications, and system designs.
• Advise business leaders and project teams on security risks and requirements throughout project lifecycles.

Security Architecture & Technology

• Assess, recommend, and implement security tools and technologies to enhance overall security posture.
• Collaborate with architects to design secure IT environments, including on-premises and cloud-based systems.
• Ensure consistent application of security protocols across all platforms.

Reporting & Communication

• Provide clear communication to executives on security risks, incidents, and mitigation strategies.
• Deliver regular updates and metrics on security operations to senior leadership and stakeholders.
• Serve as the primary point of contact for security-related matters across the organization.

Requirements

Education & Experience:

• Bachelor’s degree in Information Technology, Cybersecurity, Computer Science, or a related field.
• Minimum of 10 years of experience in IT security, with at least 5 years in a cybersecurity and managerial or leadership role.
• Extensive experience with security tools, including firewalls, intrusion detection/prevention systems (IDS/IPS), SIEM solutions, and endpoint protection.

Technical Skills:

• Strong understanding of network security, application security, identity and access management (IAM), and data protection.
• Proficient in implementing and managing security technologies such as firewalls, VPNs, encryption, anti-malware solutions, and more.
• Experience with security audits, vulnerability scanning, and penetration testing methodologies.
• Familiarity with cloud security (AWS, Azure, GCP) and hybrid IT environments.

Certifications (Preferred):

• Certified Information Systems Security Professional (CISSP)
• Certified Information Security Manager (CISM)
• Certified Ethical Hacker (CEH)
• CompTIA Security+ or similar cybersecurity certifications

Benefits

• Competitive salary and benefits package
• Career growth and exposure to high-impact projects