Information Security Manager
Job Fit Check
Base Career helps you apply smarter for this job.
Key skills for this role
About the Role
My Clinic seeks an Information Security Manager to lead its cybersecurity program with a focus on Governance, Risk, and Compliance (GRC). The role involves developing security policies, managing risk, overseeing SOC operations, and ensuring compliance with NCA, CIS, NIST, and PDPL.
Key Skills for This Role
Responsibilities
- Develop, implement, and maintain information security policies, procedures, and guidelines aligned with CIS, NIST, NCA, and PDPL
- Lead enterprise wide risk assessments, maintain risk register, and implement risk mitigation strategies
- Oversee outsourced SOC operations, review KPIs, and ensure alignment with security objectives
- Ensure compliance with cybersecurity frameworks and data protection regulations, including PDPL
- Perform Data Protection Impact Assessments (DPIAs) to evaluate risks
- Oversee incident response plans and coordinate with outsourced SOC
- Design and deliver cybersecurity training and awareness programs
- Evaluate and monitor third party vendors for compliance with cybersecurity and data protection requirements
- Conduct regular audits of cybersecurity practices and GRC controls
- Advise IT and business senior management on cybersecurity risks and GRC initiatives
- Oversee and coordinate IT security operations execution
- Lead and mentor the internal information security team
Requirements
- Bachelor's degree in Information Technology, Cybersecurity, Computer Science, Information Systems, Business Administration, or related field
- Minimum 7 years of experience in information security or cybersecurity operations
- At least 3 years in a managerial, supervisory, or advisory role focused on GRC or risk management
- CompTIA Security+ and ISC2 Certified in Cybersecurity (CC) certifications required
- In depth understanding of CIS, NIST, ISO 27001, and NCA controls
- Comprehensive knowledge of data protection laws including KSA PDPL
- Experience overseeing or collaborating with outsourced SOCs preferred
Full Job Posting
Job Summary
- The Information Security Manager leads My Clinic’s information and cybersecurity program, focusing on GRC to protect patient data and ensure compliance with CIS, NIST, and NCA standards.
Primary Responsibilities
- Governance and Policy Development: Develop, implement, and maintain information security policies aligned with CIS, NIST, NCA, and PDPL.
- Risk Management: Lead enterprise wide risk assessments, maintain risk register, and implement mitigation strategies.
- SOC Oversight: Oversee outsourced SOC operations, review KPIs, and ensure alignment with security objectives.
- Compliance Oversight: Ensure compliance with cybersecurity frameworks and data protection regulations.
- Data Protection Impact Assessments: Perform DPIAs to evaluate risks associated with personal data processing.
- Incident Response and Management: Oversee incident response plans and coordinate with outsourced SOC.
- Training and Awareness Programs: Design and deliver cybersecurity training for employees.
- Third Party Risk Management: Evaluate and monitor third party vendors for compliance.
- Auditing and Monitoring: Conduct regular audits of cybersecurity practices and GRC controls.
- Advisory and Collaboration: Advise senior management on cybersecurity risks and GRC initiatives.
- Overall IT Security Operations Handling: Oversee execution of IT security operations.
- Team Leadership and Development: Lead and mentor the internal information security team.
Education / Professional Qualifications
- Bachelor’s degree in IT, Cybersecurity, Computer Science, Information Systems, Business Administration, or related field. Master’s degree desirable.
- Minimum 7 years of experience in information security, with at least 3 years in a managerial GRC or risk management role.
- Experience overseeing outsourced SOCs preferred.
Knowledge
- In depth understanding of CIS, NIST, ISO 27001, and NCA controls.
- Comprehensive knowledge of PDPL and international regulations (GDPR, HIPAA).
- Familiarity with SDAIA and NCA regulatory environments.
- Strong understanding of risk management methodologies.
- Knowledge of ITIL and its application to security operations.
Technical Skills
- Proficiency in IT operations, service management, and cybersecurity practices including incident response and vulnerability management.
- Expertise in risk assessment tools and methodologies.
- Familiarity with SIEM systems, IDPS, and security monitoring tools.
- Ability to evaluate third party security providers and SOC KPIs.
- Strong analytical skills to interpret security data.
Professional Certifications
- CompTIA Security+ and ISC2 Certified in Cybersecurity (CC) required.
- CISM or CISSP preferred.
- ISO 27001 Lead Auditor/Implementer, CRISC, ITIL Foundation, CEH, or CompTIA Security+ highly desirable.
Apply for this job in 1 click
Skip the repetitive application forms
Install the Base Career Chrome Extension and autofill job applications across major job boards with your profile.
Trusted by over 500,000 job seekers on Base Career
More from this employer
More jobs at My Clinic KSA
Tamheer - Insurance Pharmacist
Jeddah, KSA
My Clinic KSA is seeking a Saudi graduate with a PharmD degree for a Tamheer internship as an Insurance Pharmacist. The program provides training to prepare for full-time employment. Candidates must be registered on TAQA
AX 2012 Senior Developer (International)
Jeddah, KSA
Join My Clinic as a Senior AX 2012 & D365 Developer to provide technical development and support for Microsoft Dynamics AX 2012 and D365 Finance & Operations platforms. You will design customizations, develop integration
Center of Excellence Doctor (GP)
Jeddah, KSA
My Clinic KSA is hiring a GP for its Center of Excellence to deliver comprehensive medical care, manage chronic conditions, and promote prevention. Requires a Doctor of Medicine degree and experience in patient managemen
Insurance Pharmacist
Jeddah, KSA
My Clinic KSA is seeking an Insurance Pharmacist to support pharmacists with insurance queries, follow up on pre-authorization requests, and communicate with insurance companies. Candidates need a Bachelor's in Pharmacy
Information Security Manager
Jeddah, KSA
My Clinic KSA seeks an Information Security Manager to lead its information and cybersecurity program with a focus on Governance, Risk, and Compliance (GRC). The role involves developing security strategies, managing ris
Sterilization Technician
Riyadh, KSA
My Clinic KSA is seeking a Sterilization Technician to perform decontamination, sterilization, and distribution of medical instruments and supplies. The role requires a CSSD Technology Diploma and a license from the Saud
Tamheer - Talent Acquisition Specialist
Jeddah, KSA
My Clinic KSA is offering a Tamheer internship program for Saudi graduates to gain experience in Talent Acquisition. The program is open to graduates in English Translation or Human Resources Management. Candidates must
Cardiovascular Technologist (International)
Jeddah, KSA
My Clinic KSA seeks a Cardiovascular Technologist to perform ECG, 2D Echo, Holter monitoring, stress tests, and ambulatory blood pressure monitoring. Requires a Bachelor's degree in cardiovascular technology or nursing w
Tamheer - Insurance Pharmacist
Jeddah, KSA
AX 2012 Senior Developer (International)
Jeddah, KSA
Center of Excellence Doctor (GP)
Jeddah, KSA
Insurance Pharmacist
Jeddah, KSA
Information Security Manager
Jeddah, KSA
Sterilization Technician
Riyadh, KSA
Tamheer - Talent Acquisition Specialist
Jeddah, KSA
Cardiovascular Technologist (International)
Jeddah, KSA