Senior Data Security Engineer

Beyond ONE

In this role, you will:

Monitor and ensure compliance with the Personal Data Protection Law (PDPL) technical requirements and other relevant Saudi Arabian data privacy and security regulations.

Develop, implement, and maintain the organization s data protection policies and procedures, ensuring they align with legal mandates and international standards.

Conduct regular audits and risk assessments, addressing any gaps or areas for improvement in compliance and security practices.

Collaborate with cross-functional departments to implement proper controls that mitigate risks associated with data processing activities.

Manage data subject requests including access, correction, deletion, and portability, ensuring full adherence to PDPL rights and obligations.

Design and deliver training programs to enhance employee awareness of data protection principles and drive a culture of privacy across the organization

Establish robust incident response protocols to address data breaches and coordinate investigations and reporting with regulatory authorities when required.

Serve as the primary liaison with the Saudi Data & Artificial Intelligence Authority (SDAIA) and other relevant regulatory bodies handling data protection matters.

Maintain detailed records of data processing activities and compliance metrics, delivering regular reports to senior leadership and the board.

Qualifications & Attributes

• Education:
  Bachelor s degree in Computer Science, Cybersecurity, Information Security, or a related field. Advanced certifications such as CIPP, CIPM, or ISO 27001 Lead Implementer are a plus.
• Experience:
  5+ years of experience in data protection, privacy compliance, or cybersecurity, ideally within telecommunications or highly regulated environments. Proven familiarity with the Saudi Personal Data Protection Law (PDPL) is essential.
• Technical Skills:

Must-haves:

• Strong understanding of data protection frameworks and privacy regulations (including PDPL).

• Strong understanding of data security and its technical requirements

• Experience with information security governance, risk management, and compliance processes.

• Ability to implement incident response protocols and lead investigations.

• Skilled in documentation, control assessments, and internal auditing for compliance.

Nice-to-haves:

• Familiarity with global data privacy standards such as GDPR or CCPA.

• Experience working with Data Loss Prevention (DLP) solutions or GRC platforms.
• Cloud security experience, particularly in hybrid or multi-cloud environments.

Unique Attributes:

• Thrives in fast-paced, regulated environments requiring close attention to legal compliance.
• Exhibits high levels of integrity and discretion when handling sensitive data.
• Strong communicator able to liaise with cross-functional teams and regulatory bodies.
• Proactive, detail-oriented, and capable of driving cultural change around privacy awareness.