Location
Riyadh, Saudi Arabia
We are seeking a highly skilled and experienced Saudi national to join our team as a Cyber Security Senior Manager. In this leadership role, the candidate will be responsible for ensuring overall accountability for compliance with cybersecurity requirements, regulations, and laws set by the Saudi Arabian Monetary Authority (SAMA) and other governing bodies in KSA.
The position involves overseeing operational security, supporting client onboarding initiatives, and conducting security due diligence to respond to client and bank security questionnaires.
Responsibilities:
Regulatory Compliance:
+
Overall Accountability: Serve as the primary accountable authority for compliance with cybersecurity frameworks, including SAMA Cyber Security Framework (CSF), National Cybersecurity Authority (NCA) Essential Cybersecurity Controls (ECC), Cyber Resilience Framework (CRFR), and Minimum Verification Controls (MVC).
+
Operational Security: Implement and oversee operational security measures to ensure compliance with regulatory requirements.
+
Policy Adherence: Ensure cybersecurity policies align with regulatory frameworks and oversee their effective implementation.
Client Onboarding:
+
Support Framework: Maintain a robust cybersecurity support framework for client onboarding, ensuring alignment with regulatory and organizational requirements.
+
Risk Assessment: Conduct cybersecurity risk assessments as part of the client onboarding process.
+
Client Education: Collaborate with clients to educate them on cybersecurity requirements, facilitating a smooth onboarding experience.
Security Due Diligence:
+
Questionnaire Response: Lead the response to security questionnaires from clients and partner banks, ensuring accurate and detailed answers.
+
Documentation: Compile and maintain documentation related to security controls and practices for sharing with clients during due diligence processes.
+
Continuous Improvement: Work towards enhancing and streamlining the security due diligence process based on client feedback and evolving security standards.
Stakeholder Management:
+
Communication: Effectively communicate cybersecurity compliance requirements to internal and external stakeholders, fostering a culture of awareness and adherence.
+
Collaboration: Collaborate with cross-functional teams, including legal, risk management, and client services, to align cybersecurity initiatives with organizational goals.
+
Client Engagement: Establish and maintain strong relationships with clients, providing cybersecurity guidance and support during onboarding and due diligence processes.
Qualifications:
Saudi national with a minimum of 8 years of proven experience in a cybersecurity management role.
Bachelor's degree in Cybersecurity, Information Technology, or a related field. Master's degree preferred.
Professional certifications such as CISSP, CISM, or CISA are highly desirable.
In-depth knowledge of SAMA CSF, NCA ECC, CRFR, MVC, and other KSA cybersecurity regulations.
Strong understanding of operational security practices and their application in a corporate environment.
Skills and Competencies:
Strong leadership and strategic planning skills.
Excellent communication and interpersonal skills, especially in client-facing scenarios.
Analytical mindset with the ability to translate regulatory requirements into actionable strategies.
Experience in managing cybersecurity compliance programs in the financial sector, with a focus on client onboarding and due diligence.
Ability to adapt to a dynamic regulatory environment and lead the organization through evolving compliance challenges.
If you are a qualified Saudi cybersecurity professional with a passion for regulatory compliance, client onboarding, and security due diligence, we invite you to apply and contribute to the cybersecurity resilience of our organization in the Kingdom of Saudi Arabia.
NB. While we think the above experience could be important, we’re keen to hear from people that believe they have valuable experience to bring to the role. If you identify with the team and mission, but not all of our requirements, then please still apply!!
Lean is the first regulated open banking and open finance company operating across the UAE and Saudi Arabia. Since 2019 we've been on a mission to become the pre-eminent A2A payments company in the Middle East - enabling our clients to seamlessly connect to their users’ bank accounts to initiate real-time payments and retrieve account information. Our products have garnered the trust of some of the leading companies in the region, including the likes of Etisalat Group, Careem, Binance, Tabby, Tamara, Tawuniya, and more.
To date, Lean has processed billions of dollars, and our products have connected with hundreds of thousands of accounts across the region. We've recently announced our $67.5 million Series B funding round led by General Catalyst, following earlier investment from Sequoia Capital. This funding marks a major milestone for Lean and the financial ecosystem across the MENA region. At Lean, we’re committed to driving the next generation of financial innovation by making financial data and payments more accessible and transparent for businesses and consumers alike.
To that end, we're always on the lookout for talented, driven, and entrepreneurial candidates to join us in our mission of enabling the next generation of financial innovation. If you're motivated by solving hard problems and leaving a lasting legacy while you're at it, Lean's where you need to be.
Not only do we offer competitive salaries, private healthcare, and flexible office hours, but we also insist that every member of the team hold a meaningful equity stake in the business to ensure long-term alignment. We'd love you to join us for this journey!
Lean is proud to be an equal opportunity workplace and is an affirmative action employer. We are committed to equal employment opportunity regardless of race, color, ancestry, religion, sex, national origin, sexual orientation, age, citizenship, marital status, disability, gender identity or Veteran status.
When applying for a job at Lean Technologies, we will need to collect, use and share Personal Data about you with different members of our team during the application process. This may mean transferring your data to members of the team in one of our office locations worldwide outside of the country you are in. Please refer to our Privacy Notice on our website for more information about how we may use and store your Personal Data
