Cyber Security Manager

Prince Mohammad Bin Fahd University

Description:

AL-KHOBAR, KINGDOM OF SAUDI ARABIA

Position Cyber Security Manager

Department Information Technology

Institution Prince Mohammad bin Fahd University

Reports to IT Director

introduction

Prince Mohammad Bin Fahd University (PMU) is dedicated to fostering intellectual growth, disseminating knowledge, and addressing societal challenges through research and scientific inquiry. The Cyber Security Manager will play a vital role in achieving these objectives by leading PMU's cybersecurity initiatives and ensuring secure technological support for academic, administrative, research, and outreach activities.

Job Purpose

To oversee the University's cybersecurity operations, establishing a strong security posture through policies, architecture, and training. Responsibilities include selecting security solutions, conducting vulnerability audits, and collaborating with internal and external stakeholders to enhance enterprise security.

Duties and Responsibilities

Major Duties/ Responsibilities:

• Develop digital information security policies, standards, and guidelines that meet business, technology, and legal requirements, aligning with best professional practices.
• Assess threats to confidentiality, integrity, availability, accountability, and compliance; take ownership of security control reviews, business risk assessments, and reviews following significant security breaches.
• Serve as the focal point for digital security expertise, providing authoritative advice on security controls, including legislative and regulatory requirements.
• Manage the operation of appropriate security controls as a production service for business system users.
• Deliver security components of enterprise architectures.
• Protect information and systems by defining policies to ensure availability, integrity, authentication, confidentiality, and non-repudiation; restrict access to authorized individuals only.
• Promote awareness of national and international laws regarding confidentiality, privacy, and copyright.
• Develop strategies for information assurance as part of corporate digital governance, including guidelines for users.
• Ensure architectural principles are applied during design to reduce risk and enhance assurance standards through rigorous security testing.
• Define practical performance measures to monitor information assurance priorities set by the business.
• Contribute to the development, implementation, and monitoring of policies and processes to maintain the availability, integrity, and confidentiality of the organization's information assets.
• Advise on the suitability of design, tools, activities, and processes to mitigate cybersecurity risks; document findings and prioritize recommendations.
• Direct the implementation of security standards, policies, processes, and best practices.
• Ensure an effective program for vulnerability and compliance assessment is in place, identifying and tracking threats to the University's technologies.
• Maintain a cyber incident management response plan; coordinate responses to incidents and investigations, managing them professionally and liaising with external agencies as needed.
• Lead the selection, implementation, and operation of cybersecurity services and solutions.
• Monitor the University's network and systems; conduct regular Cyber Security Reviews and make recommendations to minimize risks.
• Collaborate with PMU managers and ensure adherence to University policies and procedures for Cyber Security.
• Provide high-quality Cyber Security guidance documentation and training.
• Assist faculty in research projects with complex information security requirements.
• Participate in University committees and engage with the Information Security team across PMU.
• Maintain high levels of professional conduct and suggest improvements to services.
• Lead and manage cybersecurity projects, ensuring timely and budget-compliant completion.
• Assist in business continuity preparation by developing backup procedures and disaster recovery documentation.
• Stay informed of relevant technical and legislative areas, including NCA, GDPR, and ISO 27001.
• Evaluate, select, test, and monitor new/enhanced systems, including various cybersecurity technologies.

Job-Specific Skills:

• Working experience in a Security Operations Center (SOC) or Network Operations Security Center (NOSC) environment.
• Strong knowledge of information technology, including applications, networks, and systems.
• Experience in performing IT Audit reports and Risk Assessments.
• Familiarity with developing Business Continuity and Disaster Recovery Plans.
• Proficient in using vulnerability assessment and penetration testing tools.
• Knowledge of security attack techniques, including familiarity with the MITRE ATT&CK framework.
• Proficient in MS Office, MS Visio, and project management tools.
• Experience in project management, problem-solving, training/coaching, and conflict resolution.
• General knowledge of ISO 27001, ITIL, or other control frameworks.
• Experience in writing Standard Operating Procedures (SOPs).

Disclaimer

PMU reserves the right to alter, amend and add responsibilities to this position in line with the institutional needs. Changes and amendments to this job description shall be within the academic framework and the general employment conditions.

Primary Location: Al-KHOBAR

Job: Manager

Organization: Information Technology Department

Schedule: Regular

Standard

Job Type: Full-time

Job Posting: Feb 25, 2025, 3:55:11 AM