Manager - Data Security

OVERVIEW

NEOM is an accelerator of human progress and a vision of what a new future might look like. A region in northwest Saudi Arabia on the Red Sea, NEOM is being built from the ground up to include hyperconnected, cognitive cities, ports, next-generation infrastructure and industries, enterprise zones, research centers, sports and entertainment venues and tourist destinations.

As a destination, it will be a home for people who dream big and want to be part of building a new model for exceptional livability, creating thriving businesses and reinventing environmental conservation.

As a workplace, it is a place for people who share our core values of care, curiosity, diversity, passion, respect, and becoming a catalyst for change.

Are you ready to help NEOM find solutions to the world’s most pressing challenges? Are you prepared to create a lasting legacy that benefits generations to come? Then we want to hear from you!

Manager - Data Security will play a pivotal role in overseeing, managing, and advancing critical data security capabilities within our Security Operations function. This includes data classification, data loss prevention, encryption, and access controls. They will provide thought leadership on safeguarding NEOM against current and emerging threats, ensuring our technology stack and capabilities align with data security best practices and evolving internal threats, all in support of our Digital Risk strategy.

KEY ACCOUNTABILITIES & ACTIVITIES

GRC Digital Tools & Integration

• Support the Director of cybersecurity and intelligence in implementing the Data security measures across NEOM’s local and global operations. These include identifying emerging risks, defining policies and processes, performing data security impact assessments, and promoting data security by design principles.
• Collaborate with leadership to create and implement strategies for enhancing data security and detection capabilities, ensuring alignment with Digital Risk priorities.
• Oversee the design and continuous enhancement of data security solutions, including data labeling, classification, data loss prevention, alert triage, case management, and related processes.
• Contribute to implementing cybersecurity rules, policies, and use cases on related cybersecurity solutions, such as Identity and Access Management (IAM), Privileged Access Management (PAM), DLP, DAM, and data discovery.
• Support the development of an encryption and cryptography strategy, including key and certificate management, to ensure data and access protection for data in motion and at rest, covering both on-premises and cloud environments.
• Assist in building, operating, and transferring cybersecurity data and access protection solutions for structured and unstructured data, such as Data Discovery, Data Loss Prevention (DLP), Data Activity Monitoring (DAM), and Data Tokenization.
• Collaborate closely with stakeholders in NEOM sectors, regions, and functions to integrate data security by design and default into strategic projects, business processes, applications, systems, databases, and services.
• Foster continuous integration between the business and the Data, Identity, and Access Protection function by establishing strong working relationships with stakeholders.
• Supervise and support the team in daily operations according to the targeted service catalog for the program.
• Assist in developing and monitoring a Data, Identity, and Access Protection Dashboard, including program progress metrics, key performance indicators, and key risk indicators.
• Work closely with the Director of Security Operations on strategic direction and continuous improvement, including capability and maturity assessments, long-range planning, and evaluation of current and future toolsets and partnerships.
• Maintain and update documentation, procedures, practices, and policies related to threat analysis and data security.
• Support the extraction and analysis of data to monitor potential insider threats.
• Work closely with the Incident Response team on escalated detections.
• Oversee data security tools' administration, operation, and configuration.
• Familiarity with local and global regulations such as NCA, NDMO, and GDPR.

BACKGROUND, SKILLS & QUALIFICATIONS

Knowledge Skills and Experience

• 7+ years of relevant work experience in DPP program management, processes, practices, technologies, risk management, audit, or compliance.
• Proven experience advising on complex data protection matters with practical advice.
• Experience in risk management activities and practices.
• Experience in cyber security management and control.
• Experience working with or advising large, multinational organizations.
• Experience in telecommunications, technology, and professional services.
• Familiarity with cloud, telecommunications, IoT, data analytics, and machine learning technologies.

Qualifications

• Bachelor's degree in Computer Engineering, Science, or Cybersecurity.
• Master degree is preferred.