Broxer
Verbinden
This page was automatically translated and may contain errors. View in English.
The Saudi National Bank - SNB

Information Security Risk & Assurance

The Saudi National Bank - SNB

Riyadh, Riyadh Province, Saudi Arabia • Vollzeit

Bewerben Sie sich als Erste/r!

Erfahrung
3+ yrs
Gehalt
Stellenangebote
1
Veröffentlicht
vor 2 Wochen
Work mode
Im Büro
Ausbildung
Bachelor's degree
Eligibility
Saudi nationals with a bachelor’s degree in CS, IT, IS, or a related field; alternatively, candidates with comparable education and strong banking experience may be considered.
Resume
Required to apply

Where you'll work

Stellenbeschreibung

Role summary

The Information Security Risk & Assurance role supports SNB’s security risk and assurance efforts by finding, assessing, and helping close gaps, weaknesses, vulnerabilities, and control failures through the department’s initiatives.

Key responsibilities

  • Apply approved policies, procedures, governance requirements, and compliance instructions related to information security risk and IAM, and make sure team members follow them so work stays controlled and consistent.
  • Follow the Bank’s AML/CTF policy, related guidance, and all SAMA rules covering account opening, KYC, and customer due diligence.
  • Observe the Bank’s cyber security policies and all SAMA cyber security regulations, and help SNB stay aligned with internal, local, and international security controls and requirements.
  • Assist in running detailed attack simulations to test how well SNB can detect and respond to threats.
  • Evaluate the effectiveness of security controls and incident response procedures against realistic attack conditions.
  • Contribute to purple team activities by supporting close cooperation between red and blue teams to strengthen threat detection and the overall security stance.
  • Carry out compromise assessments to spot evidence of previous or active breaches and support quick containment and remediation.
  • Help manage the vulnerability program by identifying issues, assessing risk, prioritizing findings, and tracking remediation across the environment.
  • Arrange routine penetration testing for applications, networks, and infrastructure to uncover and confirm security weaknesses.
  • Support the use and outcomes of SAST and DAST tools to promote secure development and detect code-related vulnerabilities.
  • Examine configurations across systems, applications, and network devices to confirm they match internal standards and recognized best practices.

Requirements

  • Saudi nationality is required.
  • A bachelor’s degree in Computer Science, Information Technology, Information Systems, or a closely related discipline is preferred; candidates with a suitable academic background plus strong banking experience may also be considered.
  • At least 3 years of experience in information security management or a related area.
  • Solid understanding of enterprise security architecture and layered defense concepts.
  • Strong knowledge of MITRE ATT&CK and threat actor tactics, techniques, and procedures (TTPs).
  • Good grasp of secure development lifecycle (SDLC) integration.
  • Ability to perform threat modeling and risk-focused security assessments.

Location

Riyadh, Saudi Arabia.

Additional information

This is a full-time, onsite position. No stipend or salary amount was stated in the source, and no number of openings, start date, or application deadline was provided.

Fähigkeiten

Penetration Testing Information security risk management Security governance Vulnerability management Threat modeling MITRE ATT&CK Incident response assessment Secure SDLC SAST/DAST Configuration review Purple teaming Cyber security compliance

Lassen Sie es so, wenn Sie eine Antwort wünschen – wir werden es für nichts anderes verwenden.

Zum Durchsuchen klicken, per Drag & Drop, oder Paste ein Screenshot

PNG, JPG, GIF, MP4, WebM, MOV · Maximal 20 MB pro Datei · Bis zu 5 Dateien