Cyber Security Manager – IT Consulting (Riyadh)

About the role

The Firm is looking for a seasoned Cyber Security Manager to lead client engagements within its IT Consulting practice. Based in Riyadh, the role involves travelling across GCC locations to assess and improve information security posture for a variety of industries.

Key responsibilities

• Lead client‑facing security engagements, acting as a role model and trainer for the delivery team.
• Identify IT risk areas and recommend improvements to business processes.
• Design, audit and harden network and infrastructure components.
• Conduct vulnerability assessments, penetration testing and source‑code reviews for web applications.
• Implement and manage Security Operations Centre (SOC) processes, incident and event management.
• Deploy security technologies such as Privileged Identity Management (PIM), Data Loss Prevention (DLP) and Identity Management (IDM).
• Develop and maintain ISMS/BCMS frameworks and related policies.

Required profile

• 10+ years of experience in information security, risk management and IT consulting.
• Strong client‑facing experience with the ability to communicate technical risks to non‑technical stakeholders.
• Relevant academic background (e.g., BE, CA, MBA) and certifications such as CISA, CISSP, PMP or ISO 27001 (desirable).
• Industry exposure to BFSI, capital markets, telecom or IT/ITES is a plus.

Required skills

• ISO 27001, NESA, ISR, NIST CSF, PCI DSS, GDPR, ISO 22301, ITIL, COBIT.
• Network design, infrastructure audit, firewall, encryption, PKI, TCP/IP, UNIX, Windows.
• Vulnerability assessment, penetration testing, web application security, source‑code review.
• SOC implementation, security incident and event management.
• Security technologies: PIM, DLP, IDM.
• Scripting languages: Perl, PHP, Python, Bash.
• Programming languages: C, C++, Java.
• ISMS/BCMS implementation, risk assessment, business continuity planning.
• Microsoft Office suite.