- Managing and leading the Cybersecurity GRC toward a business enabler function.- Managing and leading the adherence to cybersecurity regulations by implementing a methodological approach with all business functions and taking into consideration defense-in-depth mechanism.- Ensure proper and structured governance model is developed and enforced across the organization.- Support executive management with decision making by reporting a well-designed risk identification and reporting structure.- Ensure continuous improvement of cybersecurity function by creating appropriate KPIs and enhanced strategies.- Perform various cybersecurity awareness activities throughout the organization (incl. roles and responsibilities, job-related threats, incident management, policies, violations, risks, compliance, etc.,)

- Establishing cybersecurity departments and strategies based on business acumen. - Creating an overarching cybersecurity governance model and integration with related business functions (e.g., HR, PMO, IT, Third-Party, Physical, etc.,).- Performing NCA’s cybersecurity compliance assessments (ECC, CSCC, CCC, etc.,) on various industries (Oil & Gas, Banking, Government, Cloud Providers, Technology Companies, etc.,).- Conducting various qualitative asset-based risk assessments.- Developing KPIs for optimizing cybersecurity function within organizations.- Developing and implementing cybersecurity training and awareness programs.- Developing plans for business and cybersecurity continuity.

- Develop information security risk management methodology and ensure alignment with ERM function.- Identify, evaluate, and manage information security risks and controls of all information assets (people, processes, and technologies).- Maintain an up-to-date information security risk register, and oversee the implementation of identified mitigation plans with relative teams.- Conduct an information security Business Impact Analysis for asset valuation and data sensitivity.- Establish the data classification and handling guidelines.- Develop, review, and communicate of all information security policies, procedures, standards, and guidelines, and ensure alignment with the organization's strategy.- Develop and update of the information security governance and operating model (processes, roles, and responsibilities).- Incorporate information security requirements in all 3rd-party technological projects.- Reviewing and updating of the information security architecture.

- Manage the implementation of a full top-down cybersecurity program, being its project manager.- Review and update all cyber security policies, procedures, and standards.- Participate in the creation of KPIs and balanced scorecards related to the cyber security function.- Participate in NCA's compliance audit (as an auditee) against NCA ECC: 2018.- Conduct a cyber security Business Impact Analysis to identify criticality/sensitivity of PPA's data.- Implement a data classification exercise as part of the data governance program.- Oversee the enhancement of SOC operations, and implementation of Minimum Security Baselines for systems hardening efforts.

- Establish the governance and management of the information security function within the branch.- Establish and manage the information security committee.- Develop and update the information security strategy and policies.- Conduct gap compliance assessment against SAMA Cyber Security Framework and ensure its implementation.- Conduct branch-wide BIA as part of the business continuity efforts.- Implement and manage all information security awareness programs.- Enhance internal IT and banking procedures from a security perspective.

- Responsible for patch management of the organization's technological assets (laptops/desktops).- Monitor email traffic of Office 365 for any unknown communications to block/filter.- Participate in information security risk assessments exercises.- Monitor and remediate any security flaws related to technological assets (e.g., Antiviruses, DLP, Encryption, Recovery, etc.,).- Participate in the overall compliance implementation of SAMA Cyber Security Framework.

- Manage cooperate-wide VoIP services.- Manage and maintaining technological assets inventory.- Participate in ISO/IEC 27001 certification audit.- Participate on IT security policies reviews.