Robert Walters

Chief Information Security Officer (CISO)

Robert Walters

جدة, منطقة مكة المكرمة, السعودية · Full Time

Be the first to apply

Experience
10+ yrs
Salary
Openings
1
Posted
1 hour ago
Work mode
In office
Eligibility
Experienced cybersecurity leaders with a background in critical infrastructure, OT/ICS security, and regulatory compliance are suitable for this role. Saudi nationals are strongly preferred.
Resume
Required to apply

Where you'll work

Job description

Role Overview

The Chief Information Security Officer will own the enterprise-wide cybersecurity vision, roadmap, and operating model to keep information assets, technology platforms, and critical operations protected. This position has a dual focus on both IT and OT security and plays a key role in strengthening the organization’s resilience, compliance, and readiness for cyber threats. The role is based in Jiddah, Makkah, Saudi Arabia, and supports the digital transformation objectives linked to Saudi Vision 2030.

Strategy and Governance

  • Create and execute a broad cybersecurity strategy that supports business operations and safety requirements.
  • Define, maintain, and enforce security policies, standards, and procedures across corporate and industrial environments.
  • Provide regular cybersecurity reporting to the Board of Directors and the Executive Committee.

Compliance and Regulatory Alignment

  • Ensure adherence to Saudi National Cybersecurity Authority requirements, including the Essential Cybersecurity Controls (ECC), Critical Systems Cybersecurity Controls (CSCC), and DCC.
  • Align cybersecurity initiatives with national digital transformation priorities and Vision 2030 expectations.
  • Support compliance with the Saudi Personal Data Protection Law (PDPL) for both passenger and employee information.

IT, OT, and Critical Infrastructure Security

  • Protect operational technology environments, including industrial control systems, signaling systems such as ERTMS/ETCS, and rolling stock operational data.
  • Build strong coordination between technology, engineering, and operations teams to establish one integrated security posture.
  • Carry out threat modeling for critical infrastructure to reduce exposure to cyber-physical attacks.

Risk, Monitoring, and Incident Response

  • Lead the Cyber Security Operations Center and ensure threat monitoring is active on a 24/7 basis.
  • Direct the Incident Response Team during security incidents to limit business disruption and reputational impact.
  • Oversee regular vulnerability assessments and penetration testing for booking systems, mobile applications, and control networks.

Third-Party and Vendor Risk

  • Manage third-party risk processes so suppliers and partners, including locomotive manufacturers, signaling vendors, and maintenance providers, meet required security controls.
  • Strengthen supply-chain security across the wider ecosystem supporting operations.

Candidate Profile

This is a senior leadership role for an experienced information security executive with strong exposure to critical infrastructure, industrial environments, cloud security, and connected systems. Because of the sensitivity of the role, Saudi nationals are strongly preferred in line with Vision 2030 and Nitaqat requirements.

Experience and Certifications

  • At least 10 years of experience in information security, including a minimum of 4 years in a leadership position such as CISO, Head of Security, or a similar role.
  • Background in critical infrastructure sectors is required.
  • Hands-on experience securing OT/ICS environments, including SCADA and PLC technologies.
  • Holds any two of the following certifications: CISSP, CISM, CISA, or GICSP.

Technical Knowledge

  • Strong working knowledge of NCA frameworks and controls, especially ECC and CSCC.
  • Solid understanding of cloud security across Azure and AWS environments.
  • Familiarity with IoT security considerations.

Additional Notes

This role is critical in nature and is designed to protect both the technology landscape and operational infrastructure of the organization. The successful candidate will be expected to help ensure safe, secure, and compliant operations at scale.

Leave it if you'd like a reply — we won't use it for anything else.

Click to browse, drag & drop, or paste a screenshot

PNG, JPG, GIF, MP4, WebM, MOV · Max 20MB each · Up to 5 files

🤖
Broxer Assistant
Online · instant AI help
🤖
AI-powered · answers from Broxer Help