IT Security Manager

Black & Grey HR is recruiting for a well-established retail group in Saudi Arabia looking to hire a skilled IT Security Manager . The ideal candidate will be responsible to lead and manage its cybersecurity initiatives across distributed retail locations.This role is responsible for protecting the company’s information systems, networks, and sensitive data from cyber threats while ensuring compliance with industry standards and regulatory requirements. The ideal candidate will bring a balance of strategic foresight, technical acumen, and leadership capabilities to oversee the development and implementation of robust security programs.

Key Responsibilities :

1. Security Strategy & Policy Development

• Define, implement, and maintain the organization’s IT security strategy in alignment with business goals and risk frameworks.
• Develop and enforce security policies, standards, and procedures to protect information assets.
• Collaborate with business units to incorporate security considerations into all IT operations and projects.
• Lead response efforts during security incidents including investigation, mitigation, and post-incident reviews.
• Conduct risk and vulnerability assessments, penetration testing, and implement measures to minimize risks.
• Monitor security alerts and logs to identify and address potential threats proactively.

3. Security Operations & Monitoring

• Oversee daily operations of cybersecurity tools and platforms such as SIEM, firewalls, IDS / IPS, endpoint protection, etc.
• Ensure continuous monitoring and timely patching of systems to defend against threats and exploits.
• Manage the remediation process for identified vulnerabilities.

4. Compliance & Audit

• Ensure adherence to applicable regulations (e.g., GDPR, HIPAA, PCI-DSS).
• Lead internal security audits and support external assessments.
• Maintain documentation and readiness for compliance and audit purposes.
• Manage and mentor a team of security professionals.
• Organize training programs and promote a security-aware culture across the organization.
• Foster continuous improvement and career development within the security team.
• Partner with IT teams to embed security into network infrastructure, software development, and system architecture.
• Advise business stakeholders and project teams on security risks and solutions.

7. Security Architecture & Tooling

• Evaluate and implement cybersecurity technologies and solutions.
• Work with system architects to build secure cloud and on-premises infrastructure.
• Ensure consistent application of security practices across the enterprise.

8. Reporting & Communication

• Deliver clear, actionable reports on security incidents, threats, and KPIs to executive management.
• Serve as the escalation point for all major cybersecurity concerns.

Requirements

• Bachelor’s degree in Computer Science, Cybersecurity, Information Technology, or a related field.
• Minimum of 10 years of experience in IT security, with at least 5 years in a cybersecurity leadership or managerial role.
• Extensive hands-on experience with security tools such as SIEM, IDS / IPS, firewalls, and endpoint protection.
• Strong knowledge of network security, application security, identity and access management (IAM), and data protection.
• Experience in implementing and managing security technologies including VPNs, encryption, and anti-malware solutions.
• Familiarity with vulnerability scanning, penetration testing, and threat modeling methodologies.
• Experience working with cloud environments such as AWS, Azure, or GCP, as well as hybrid IT infrastructures.
• Preferred certifications : CISSP, CISM, CEH, CompTIA Security+, AWS Certified Security Specialty, Microsoft Certified : Azure Security Engineer.
• In-depth knowledge of industry standards and frameworks such as ISO 27001, NIST Cybersecurity Framework, and SOC 2.
• Competitive salary and benefits package

Career growth and exposure to high-impact projects

It Manager • Khobar, Tabuk, Saudi Arabia