Information Security Manager
Job Fit Check
Base Career helps you apply smarter for this job.
Key skills for this role
About the Role
My Clinic KSA seeks an Information Security Manager to lead its information and cybersecurity program with a focus on Governance, Risk, and Compliance (GRC). The role involves developing security strategies, managing risk, overseeing SOC operations, and ensuring compliance with CIS, NIST, NCA, and PDPL.
Key Skills for This Role
Responsibilities
- Develop, implement, and maintain comprehensive information security and data protection policies, procedures, and guidelines
- Lead enterprise wide risk assessments to identify, analyze, and prioritize cybersecurity and data protection risks
- Oversee outsourced SOC operations, ensuring effective monitoring, detection, and response to cybersecurity threats
- Ensure organizational compliance with relevant cybersecurity frameworks (CIS, NIST, NCA) and data protection regulations
- Perform Data Protection Impact Assessments (DPIAs) to evaluate and mitigate risks
- Oversee the development and execution of incident response plans for cybersecurity and data breach incidents
- Design and deliver organization wide training and awareness programs on cybersecurity and data protection
- Evaluate and monitor third party vendors and partners for compliance with cybersecurity and data protection requirements
- Conduct regular audits of cybersecurity practices, data processing activities, and GRC controls
- Lead and mentor the internal information security team
Requirements
- Bachelor’s degree in Information Technology, Cybersecurity, Computer Science, Information Systems, Business Administration, or a related field
- Minimum of 7 years of experience in information security or cybersecurity operations
- At least 3 years in a managerial, supervisory, or advisory role focused on GRC or risk management
- CompTIA Security+ and ISC2 Certified in Cybersecurity (CC) certifications required
- In depth understanding of cybersecurity frameworks such as CIS, NIST, ISO 27001, and NCA controls
- Comprehensive knowledge of data protection and privacy laws, including KSA’s PDPL and international regulations (e.g., GDPR, HIPAA)
- Strong understanding of risk management methodologies
- Proficiency in IT operations, service management, and cybersecurity practices
- Experience overseeing or collaborating with outsourced SOCs is preferred
- CISM or CISSP certifications preferred
Full Job Posting
Job Summary
- The Information Security Manager leads My Clinic’s information and cybersecurity program, with a key focus on Governance, Risk, and Compliance (GRC).
- This role ensures protection of sensitive patient data and adherence to cybersecurity regulations including CIS, NIST, and NCA controls.
Primary Responsibilities
- Governance and Policy Development: Develop, implement, and maintain comprehensive information security and data protection policies.
- Risk Management: Lead enterprise wide risk assessments and maintain a risk register.
- Security Operations Center (SOC) Oversight: Oversee outsourced SOC operations and enforce KPIs.
- Compliance Oversight: Ensure compliance with CIS, NIST, NCA, and PDPL.
- Data Protection Impact Assessments (DPIAs): Perform DPIAs to evaluate risks.
- Incident Response and Management: Oversee incident response plans and ensure timely reporting.
- Training and Awareness Programs: Design and deliver organization wide training.
- Third Party Risk Management: Evaluate and monitor third party vendors.
- Auditing and Monitoring: Conduct regular audits of cybersecurity practices.
- Advisory and Collaboration: Serve as focal point for IT and business senior management.
- Overall IT Security Operations Handling and Execution: Oversee IT security operations.
- Team Leadership and Development: Lead and mentor the internal information security team.
Education / Professional Qualifications
- Bachelor’s degree in Information Technology, Cybersecurity, Computer Science, Information Systems, Business Administration, or related field.
- Minimum of 7 years of experience in information security or cybersecurity operations.
- At least 3 years in a managerial, supervisory, or advisory role focused on GRC or risk management.
- CompTIA Security+ and ISC2 Certified in Cybersecurity (CC) certifications required.
- CISM or CISSP certifications preferred.
- ISO 27001 Lead Auditor or Lead Implementer, CRISC, ITIL Foundation, CEH, or CompTIA Security+ highly desirable.
Knowledge
- In depth understanding of cybersecurity frameworks such as CIS, NIST, ISO 27001, and NCA controls.
- Comprehensive knowledge of data protection and privacy laws, including KSA’s PDPL and international regulations (e.g., GDPR, HIPAA).
- Familiarity with KSA’s regulatory environments, including SDAIA and NCA.
- Strong understanding of risk management methodologies.
- Knowledge of IT service management (ITSM) frameworks, such as ITIL.
Technical Skills
- Proficiency in IT operations, service management, and cybersecurity practices.
- Expertise in risk assessment tools and methodologies.
- Familiarity with SIEM systems, IDPS, and other security monitoring tools.
- Ability to evaluate and oversee third party security providers.
- Strong analytical skills to interpret security data.
Apply for this job in 1 click
Skip the repetitive application forms
Install the Base Career Chrome Extension and autofill job applications across major job boards with your profile.
Trusted by over 500,000 job seekers on Base Career
More from this employer
More jobs at My Clinic KSA
Tamheer - Insurance Pharmacist
Jeddah, KSA
My Clinic KSA is seeking a Saudi graduate with a PharmD degree for a Tamheer internship as an Insurance Pharmacist. The program provides training to prepare for full-time employment. Candidates must be registered on TAQA
AX 2012 Senior Developer (International)
Jeddah, KSA
Join My Clinic as a Senior AX 2012 & D365 Developer to provide technical development and support for Microsoft Dynamics AX 2012 and D365 Finance & Operations platforms. You will design customizations, develop integration
Center of Excellence Doctor (GP)
Jeddah, KSA
My Clinic KSA is hiring a GP for its Center of Excellence to deliver comprehensive medical care, manage chronic conditions, and promote prevention. Requires a Doctor of Medicine degree and experience in patient managemen
Insurance Pharmacist
Jeddah, KSA
My Clinic KSA is seeking an Insurance Pharmacist to support pharmacists with insurance queries, follow up on pre-authorization requests, and communicate with insurance companies. Candidates need a Bachelor's in Pharmacy
Sterilization Technician
Riyadh, KSA
My Clinic KSA is seeking a Sterilization Technician to perform decontamination, sterilization, and distribution of medical instruments and supplies. The role requires a CSSD Technology Diploma and a license from the Saud
Tamheer - Talent Acquisition Specialist
Jeddah, KSA
My Clinic KSA is offering a Tamheer internship program for Saudi graduates to gain experience in Talent Acquisition. The program is open to graduates in English Translation or Human Resources Management. Candidates must
Cardiovascular Technologist (International)
Jeddah, KSA
My Clinic KSA seeks a Cardiovascular Technologist to perform ECG, 2D Echo, Holter monitoring, stress tests, and ambulatory blood pressure monitoring. Requires a Bachelor's degree in cardiovascular technology or nursing w
AX 2012 Senior Developer (International)
Jeddah, KSA
My Clinic KSA seeks a Senior AX 2012 & D365 Developer to provide technical development, operational support, and capability building for Microsoft Dynamics AX 2012 and D365 Finance & Operations platforms. The role involv
Tamheer - Insurance Pharmacist
Jeddah, KSA
AX 2012 Senior Developer (International)
Jeddah, KSA
Center of Excellence Doctor (GP)
Jeddah, KSA
Insurance Pharmacist
Jeddah, KSA
Sterilization Technician
Riyadh, KSA
Tamheer - Talent Acquisition Specialist
Jeddah, KSA
Cardiovascular Technologist (International)
Jeddah, KSA
AX 2012 Senior Developer (International)
Jeddah, KSA