Jobs in United States

The Cybersecurity Operations Manager is responsible for the organisation’s 24×7 Security Operations Centre (SOC) in the Kingdom of Saudi Arabia. Reporting to the Cyber Security Manager (KSA) with functional alignment to the Regional CISO and Cyber Governance Office, the role drives continuous improvement of SOC capabilities, communicates operational risk and performance metrics to senior leadership, and champions a culture of security across the enterprise.

In addition to provide high-level security guidance and approving architecture decisions to ensure all new solutions align with regional standards, zero-trust principles, and Saudi NCA ECC/CCC controls.

• Maintain a resilient 24×7 SOC that meets agreed service-level objectives for mean-time-to-detect (MTTD) and mean-time-to-respond (MTTR).
• Ensure full compliance with Saudi national cybersecurity regulations (NCA ECC/CCC) and other applicable legislation and standards (ISO27001, PCI-DSS, etc.).
• Optimise cybersecurity budget and resources to balance risk reduction with business value.
• Develop and retain talent, building a high-performing cybersecurity-operations team with clearly defined career paths.
• Embed secure-by-design architecture governance, guaranteeing that material technology changes and projects pass security-design review and conform to the enterprise reference architecture.

Responsibilities are grouped for clarity; operations remain the primary focus, with architecture covered in a dedicated secondary section.

• Lead the 24×7 SOC in KSA, ensuring effective monitoring, detection, triage, analysis, containment, eradication and recovery from cybersecurity incidents.
• Develop, communicate and periodically review SOC strategy, policies and procedures to align with organisational objectives and the cybersecurity strategy.
• Advocate cybersecurity topics with senior management, ensuring strategic goals include robust cyber-defence capabilities.
• Obtain and manage resources (people, technology, budget) to achieve strategic cybersecurity goals.
• Maintain knowledge of emerging threats, technologies and regulatory changes impacting the SOC.

• Ensure cybersecurity risks identified by SOC monitoring are logged, assessed and treated through the organisation’s risk-governance process.
• Track audit findings and recommendations, ensuring timely mitigation.
• Collaborate with stakeholders to integrate cybersecurity requirements into business continuity (BCP) and disaster-recovery (DR) programmes.
• Periodically review cybersecurity strategy, policies and related documents for compliance with Saudi NCA regulations, UAE IASv2 (where relevant) and other applicable standards.

• Direct daily SOC operations, validating that protection, detection and response capabilities are operating as designed.
• Coordinate cybersecurity inspections, tests, and red-team / purple-team exercises.
• Serve as escalation point and executive liaison during major incidents, ensuring effective communication with internal stakeholders and third parties.
• Oversee incident post-mortems, root-cause analysis and continuous-improvement actions.
• Ensure accurate, timely operational and management reporting (KPIs, KRIs, compliance dashboards, executive summaries).

• Maintain robust vulnerability identification, prioritisation and remediation processes; track remediation metrics.
• Oversee threat-intelligence collection, analysis and operational use.
• Evaluate new technologies, tools and upgrades, approving cybersecurity capabilities before adoption.
• Ensure supply-chain and third-party cybersecurity risks are identified and managed, especially in mergers, acquisitions and outsourcing.

• Conduct security-architecture gap assessments and maintain the cybersecurity reference architecture for on-prem, cloud, and OT environments.
• Contribute to the Cyber Security Steering committee, approving or rejecting architectural decisions for new systems, integrations and major cloud migrations.
• Define and maintain secure-configuration baselines (e.g., CIS) and champion infrastructure-as-code patterns that enforce them.
• Provide security input to procurement specifications and evaluate vendor architectures during RFPs.
• Translate business and regulatory requirements into technical security controls, ensuring alignment with zero-trust principles and regional governance standards.

• Ensure regular cybersecurity awareness and role-based training for all staff.
• Develop SOC-analyst competency frameworks and certification paths (e.g., GSEC, GCIA, GCIH, GCFE).
• Mentor, coach and evaluate team members; foster a culture of knowledge-sharing and continuous learning.

• Education: Bachelor’s in Computer Science, Information Security or related field (Master’s preferred).
• Experience: 8+ years in cybersecurity with at least 3 years managing SOC or security-operations teams; exposure to security-architecture or design-review boards is highly desirable.
• Certifications (preferred): CISSP, CISM, CCSP, GCIH, GCIA, TOGAF.
• Language: Fluent English and Arabic.

Operations-focused knowledge remains unchanged (network security, incident response, risk, compliance, cloud, cryptography). Additional architecture-specific competencies include: secure-configuration management, security-design methodologies, enterprise architecture frameworks, security-design trade-off analysis, and evaluation of emerging technologies.

• Develop and maintain policies reflecting business and cybersecurity strategic objectives.
• Evaluate vendor solutions, negotiate agreements, and manage MSSP relationships.
• Lead multidisciplinary teams in a high-pressure, 24×7 environment.
• Design countermeasures to identified architectural security risks and translate operational needs into protection requirements.