Cybersecurity Section Head

RATP Dev

JOB PURPOSE:

The Cybersecurity Section Head is responsible for the tactical implementation and operational oversight of the company s cybersecurity posture within the Technical Department. Reporting to the IT & Digital Manager, this role leads the execution of security controls, local SOC operations, and GRC activities to maintain ISO 27001 compliance and align with the NIST CSF framework. The Section Head bridges the gap between high-level strategy and technical execution to protect the organization s digital ecosystem against emerging threats.

RESPONSIBILITIES/DUTIES

Cybersecurity Governance & Operations

Lead the implementation of the company-wide cybersecurity strategy in alignment with organizational objectives and department goals.

Execute and maintain a suite of security policies, standards, and procedures based on ISO 27001 and NIST CSF to ensure operational consistency.

Coordinate the ISO 27001 certification lifecycle, including gap analysis, control implementation, and preparation for readiness audits.

Maintain a high-maturity GRC ecosystem to centralize risk management, regulatory compliance, and corporate security governance.

SOC Management & Technical Oversight

Lead and mentor the SOC team, fostering a culture of technical excellence and continuous learning in incident response.

Supervise SOC workflows including SIEM tuning, threat hunting, and incident triage to meet established industry benchmarks.

Monitor the deployment and lifecycle management of security solutions, such as Firewalls, EDR/XDR, IDS/IPS, and IAM.

Coordinate comprehensive vulnerability scans, penetration tests, ensuring prioritized remediation based on business impact.

Risk, Compliance & Awareness

Lead enterprise-level cybersecurity risk assessments to identify and mitigate potential threats, maintaining an actionable Risk Register.

Coordinate the design and delivery of cybersecurity awareness programs and phishing simulations to reduce the human-risk surface.

Support internal and external auditors by ensuring the integrity of evidence for ISO 27001 and regulatory audits.

Monitor the legal and regulatory landscape to ensure organizational compliance with data protection and cybersecurity mandates.

Safety Responsibilities:

Promote a positive safety culture within the workplace and attend any safety-related meetings or briefings as required within the job role.

Comply with the requirements of RDMC RQHSE Policy and Safety Management System.

Be mindful that Safety, Security, and Environmental protection are everyone s responsibility. All staff members are accountable for reporting and intervening in any Safety, Security, or Environmental violations.

ESSENTIAL QUALIFICATIONS, KNOWLEDGE & EXPERIENCE

QUALIFICATIONS:

Bachelor s degree in Computer Science, Business Information Systems, Information Security, or a related field (Required).

CISSP or CISA certifications (Preferred).

ISO 27001 Lead Implementer or Lead Auditor (Preferred).

ITIL Foundation is a plus.

Fluent in English and Arabic, French is a plus.

KNOWLEDGE:

Strong understanding of network security, cloud security, cryptography, and application security.

Proficiency in ISO 27001, NIST Cybersecurity Framework, and GRC practices.

EXPERIENCE:

7-10 years of progressive experience in Cybersecurity, with at least 3 years in a supervisory or section-head capacity.

Proven experience in leading technical teams or SOC operations.

DESIRED BEHAVIORS & EXPERIENCES

Build strong relationships and effectively engage with cross-functional stakeholders to achieve alignment and buy-in.

Evaluate complex problems, interpret data effectively, and make decisions based on insights.

Deliver high-quality outcomes on time, manage multiple priorities, and ensure effective follow-through.

Adapt quickly to evolving needs, lead change with confidence, and help others navigate transitions smoothly.

Express ideas clearly and professionally, prepare impactful documentation, and engage effectively with diverse audiences.

Promote teamwork, share knowledge openly, and support others to achieve common goals.

Maintain accuracy and consistency in documentation, reporting, and system configurations.

Demonstrate ownership, responsibility, and reliability in delivering on objectives.

Remain composed under pressure, solve problems calmly, and stay focused on long-term results.