Consultant of Market Cybersecurity & IT Resilience Supervision at Lawn Plus Canada
Riyadh, Riyadh, Saudi Arabia
Full Time


Start Date

Immediate

Expiry Date

04 Jul, 26

Salary

0.0

Posted On

05 Apr, 26

Experience

5 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

No

Skills

Cybersecurity, IT Resilience, Risk Management, Regulatory Compliance, ISO/IEC 27001, NIST CSF, CPMI-IOSCO, Threat Intelligence, Penetration Testing, Incident Response, Data Analytics, Governance, Technical Assessment, Financial Regulation, Stakeholder Management, Strategic Planning

Industry

Description
Job Overview: This role is conducted within the vision, mission, and strategic plan of the Insurance Authority. Charged with safeguarding the integrity and continuity of capital-market infrastructures, the Consultant of Market Cybersecurity & IT Resilience Supervision spearheads risk-based supervisory frameworks that elevate cyber maturity across regulated entities. Reporting to the Manager of Market Technology Risk Supervision, the role orchestrates deep technical assessments, data-driven monitoring, and rapid incident coordination to pre-empt systemic threats and uphold global regulatory standards. The role also cultivates strategic partnerships with industry leaders, peer regulators, and national cybersecurity agencies to harmonise guidance, share intelligence, and drive market-wide capacity building. By embedding rigorous governance, continuous improvement, and innovation such as threat-led penetration testing, the position reinforces the Authority’s vision of a secure, trusted, and digitally empowered financial ecosystem.

Responsibilities and Tasks

* Develop and periodically refine risk-based supervisory frameworks, metrics and data-collection templates that measure the cyber-maturity of market participants against national regulations and ISO/IEC 27001, NIST CSF and CPMI-IOSCO principles.
* Lead deep-dive technical studies to identify emerging threats, attack vectors and resilience gaps, translating findings into updated guidelines, circulars and enforcement criteria.
* Mentor junior specialists on methodology application and ensure knowledge is codified into playbooks and inspection work-papers.
* Design automated analytics models that ingest SOC feeds, incident reports and threat-intel to generate early-warning indicators for systemic cyber risk.
* Conduct thematic reviews and on-site examinations of critical market entities, validating architecture designs, continuity plans and recovery time objectives.
* Prepare evidence-based risk profiles and recommend supervisory actions to the Manager and cross-functional risk committees.
* Serve as subject-matter escalation point during high-severity incidents, coordinating triage, root-cause analysis and post-mortem reviews with affected entities and national CERT.
* Evaluate adequacy of entities’ incident-response and communications protocols, recommending remedial measures and tracking closure of corrective-action plans.
* Contribute to sector-wide resilience exercises and stress tests, ensuring scenarios reflect latest threat intelligence and recovery dependencies.
* Advise directors and senior technology officers of regulated entities on supervisory expectations, best-practice controls and maturity-road-map priorities.
* Represent the Division in domestic and international working groups on fintech security, cloud assurance and operational resilience standards.
* Curate technical workshops, tabletop exercises and publish guidance papers to uplift market-wide competencies and foster a culture of proactive cyber risk management.
* Track and report key risk indicators, inspection outcomes and enforcement status to divisional dashboards and executive governance forums.
* Ensure all supervisory artefacts comply with the Authority’s quality-management system and contribute recommendations to optimise internal processes.
* Benchmark local supervisory practices against peer regulators, identifying opportunities to innovate and recommending adoption of advanced techniques such as threat-led penetration testing (TLPT).
* Perform other job duties as assigned.

The Insurance Authority (IA), the insurance regulator of the Kingdom of Saudi Arabia, was established by royal decree No. 85 dated 28/01/1445 H. IA has a clear mandate to become the dedicated regulator for the Kingdom’s insurance sector.

The IA aims to regulate, supervise and control the insurance sector in the Kingdom in a way that supports and enhances its effectiveness, works to develop insurance awareness, protect the rights of the insured and beneficiaries, stabilize the insurance sector, contribute to financial stability, promote and develop the insurance sector, and work to consolidate the principles and pillars of the insurance contractual relationship.

The Talent Acquisition at IA is dedicated to attracting and hiring talented individuals who share our commitment to excellence and innovation. We ensure an efficient and candidate-friendly hiring process, offering timely responses and a seamless experience. Our team is committed to fostering a diverse and inclusive work environment, where every new team member can thrive and contribute to our success. Join us to be part of a dynamic organization that values growth, collaboration, and continuous development.
Responsibilities
The consultant will develop and implement risk-based supervisory frameworks to monitor and enhance the cyber maturity of market participants. They will also lead technical assessments, coordinate incident responses, and provide expert guidance to regulated entities to ensure systemic financial stability.