Senior Information Security Engineer

Responsibilities:

1. Develop and implement information security policies, procedures, standards, and controls.
2. Design and execute comprehensive security management plans across IT and OT environments.
3. Establish and enforce security controls to protect data, privacy, and infrastructure.
4. Implement and maintain cybersecurity programs and integrated security solutions to safeguard IT and OT systems from breaches, cyberattacks, and misuse.
5. Conduct security risk assessments, identify vulnerabilities, and recommend mitigation solutions.
6. Monitor security threats and vulnerabilities across IT networks and OT systems.
7. Design and implement secure architectures for IT and OT networks, ensuring proper segmentation, secure protocols, and vulnerability management, especially in legacy systems.
8. Ensure compliance with Saudi national cybersecurity standards, including NCA regulations, SAMA frameworks, and ISO 27001/IEC 62443 for industrial security.
9. Develop and manage backup and disaster recovery plans to ensure service continuity in case of incidents or cyber threats.
10. Enhance digital transformation security by working on initiatives and projects to improve security in IT and OT environments, supporting business continuity and protecting digital and industrial systems from cyber threats.
11. Stay updated with evolving cybersecurity trends and continuously improve security infrastructure, policies, and defense strategies.
12. Provide regular security status reports, risk assessments, and improvement plans to senior management.
13. Perform other related tasks as assigned by the supervisor.

Qualifications and Skills:

• Education: Bachelor's degree in Computer Science, Cybersecurity, or related field; Master's preferred.
• Experience: 7+ years in cybersecurity, including 3+ years in OT/ICS environments (manufacturing, energy, or critical infrastructure).
• Technical Skills: Proficiency with IT and OT security tools (e.g., Nozomi Networks, Claroty), SIEM (Splunk/QRadar), and industrial firewall configurations.
• Knowledge of Saudi cybersecurity regulations (NCA, SAMA) and international standards (ISO 27001, NIST).
• Certifications: At least two of the following: CISSP, CISM, ISA/IEC 62443, CDMP.
• Soft Skills: Strong leadership, proficiency in Arabic (preferred), and ability to work in multicultural teams.

Preferred Qualifications:

• Experience in cement, heavy industry, or Middle Eastern manufacturing sectors.
• Familiarity with SAP ERP security.
• Knowledge of Arabic language and Saudi labor laws and cultural norms.

About Southern Province Cement Company (SPCC):

SPCC is a leading cement manufacturer in Saudi Arabia, committed to innovation, sustainability, and excellence in construction materials. With state-of-the-art facilities and a focus on reducing environmental impact, we aim to deliver high-quality products while supporting Saudi Arabia's Vision 2030 through local partnerships and sustainable practices.

Benefits:

• Competitive salary, housing allowance, and transportation benefits.
• Comprehensive health insurance and retirement plans.
• Opportunities for professional development and performance bonuses.

Application Instructions:

Submit your resume and cover letter detailing your experience in supplier development within the cement or heavy manufacturing sector to [SPCC Careers Email/Portal]. Use the subject line: Supplier Development Specialist Application [Your Name].

Equal Opportunity Employer:

SPCC is an equal opportunity employer. We celebrate diversity and are committed to creating an inclusive environment for all employees.