Technical Lead - Cyber Security
Technical Lead - Cyber Security: guide governance, track incidents and controls, align teams, and drive secure, compliant programs across the organization.
About Rasan
Our journey began in 2016 when we realized the burning needs of KSA’s insurance sector. To fulfil the unmet needs in the market, we had to disrupt legacy approaches with technology needed for a digital age. Today, we are market leaders, committed to improving digital experiences for thousands of people and businesses every single day.
Job Summary
· The Cybersecurity Lead is responsible for leading the organization's cybersecurity governance, operations, and risk management programs to ensure the protection of information assets, technology platforms, and business services. The role provides strategic direction, oversight, and coordination across cybersecurity functions, ensuring alignment with business objectives, regulatory requirements, and the organization's risk appetite. Acting as the primary cybersecurity focal point, the role drives security maturity, operational effectiveness, and compliance across the enterprise
Job Objectives
· Enhance the organization's cybersecurity posture by ensuring effective implementation and continuous improvement of security controls across all technology environments.
· Achieve and maintain compliance with applicable cybersecurity frameworks, regulatory requirements, and internal policies.
· Ensure timely identification, escalation, and remediation of cybersecurity risks, vulnerabilities, and incidents.
· Strengthen cybersecurity governance through effective policies, standards, reporting, and performance monitoring.
· Optimize cybersecurity investments, resources, and third-party service providers to support business objectives and operational resilience.
· Provide executive management with clear visibility of cybersecurity risks, performance metrics, and improvement initiatives to support informed decision-making.
Job Responsibilities
Cybersecurity Governance & Strategy
· Develop and maintain the organization's cybersecurity strategy, roadmap, priorities, and improvement initiatives.
· Define cybersecurity objectives, budgets, and resource requirements aligned with business goals and risk appetite.
· Develop, review, and maintain cybersecurity policies, standards, procedures, and governance documentation.
· Establish and monitor cybersecurity KPIs, KRIs, and performance reporting mechanisms.
· Present cybersecurity posture, risks, incidents, and strategic initiatives to senior management and relevant committees.
Security Operations Oversight
· Lead cybersecurity functions and oversee day-to-day security activities performed by internal teams and service providers.
· Monitor the effectiveness of security controls across infrastructure, applications, cloud environments, and data assets.
· Oversee security technologies including SIEM, EDR, PAM, DLP, WAF, IAM, and related security platforms.
· Review security monitoring, incident management, vulnerability management, and access management activities.
· Ensure timely escalation, investigation, containment, and resolution of cybersecurity incidents and operational risks.
Risk Management, Compliance & Assurance
· Lead cybersecurity risk assessments and ensure risks are appropriately identified, evaluated, and mitigated.
· Ensure compliance with regulatory requirements and cybersecurity frameworks such as ISO 27001, NCA ECC, SAMA CSF, and internal standards.
· Coordinate internal audits, external assessments, regulatory reviews, and evidence submissions.
· Track remediation plans and ensure timely closure of audit findings, compliance gaps, and security weaknesses.
· Provide oversight of cybersecurity controls and assurance activities to maintain ongoing compliance and risk reduction.
Stakeholder & Vendor Management
· Manage relationships with cybersecurity vendors, MSSPs, consultants, and third-party service providers.
· Collaborate with IT, software development, risk management, legal, compliance, and business stakeholders to address cybersecurity requirements.
· Provide guidance and management oversight on technical cybersecurity matters to ensure effective decision-making.
· Support cross-functional initiatives by integrating cybersecurity considerations into business and technology projects.
· Facilitate communication and coordination between internal teams, management, regulators, and external partners on cybersecurity matters.
Job Requirements
Educational Qualification
· Bachelor's degree in cyber security, Information Technology or related filed.
Licenses & Certifications
· CISM (Certified Information Security Manager)
· ISO 27001 Lead Implementer and/or Lead Auditor
· CRISC (Certified in Risk and Information Systems Control)
· CompTIA Security+
Previous Work Experience
· 5–7+ years of experience in cybersecurity, information security, or related disciplines.
· Minimum 3 years of experience in leadership, supervisory, or cybersecurity management role.
· Experience working within regulated environments and implementing cybersecurity frameworks and compliance requirements.
Skills and Abilities
· Strong knowledge of cybersecurity domains, technologies, controls, and regulatory requirements.
· Expertise in cybersecurity governance, risk management, compliance, and control oversight.
· Strong leadership, team management, and stakeholder engagement skills.
· Ability to evaluate and communicate technical cybersecurity matters at a management and executive level.
· Excellent analytical, communication, presentation, and reporting capabilities.
- Department
- Cyber Security
- Role
- Technical Lead - Cyber Security
- Locations
- Riyadh
- Remote status
- Hybrid
About Rasan
Our journey began in 2016 when we realized the burning needs of KSA’s insurance sector. To fulfil the unmet needs in the market, we had to disrupt legacy approaches with technology needed for a digital age. Today, we are market leaders, committed to improving digital experiences for thousands of people and businesses every single day.