JOB SUMMARY:

We are seeking a detail-oriented and experienced Security Compliance Officer to oversee and manage regulatory compliance activities for a major banking client in Saudi Arabia. The primary responsibility is to ensure full alignment with the Kingdom’s cybersecurity regulations, especially those issued by the Saudi Arabian Monetary Authority (SAMA) and the National Cybersecurity Authority (NCA). This role is critical to maintaining the bank’s compliance posture, supporting audits, and driving remediation efforts across security operations.

REQUIRED QUALIFICATIONS:

• Bachelor’s degree in Information Security, Cybersecurity, Risk Management, or a related field.
• Minimum of 5–7 years of experience in cybersecurity or information security compliance, preferably in the financial or banking sector.
• In-depth knowledge of SAMA Cybersecurity Framework, NCA Essential Cybersecurity Controls (ECC), and other relevant KSA regulatory frameworks.
• Experience preparing for and responding to external audits and assessments.
• Strong documentation and report writing skills in English; Arabic language proficiency is an added advantage.

DESIRED SKILLS AND CERTIFICATIONS:

• Professional certifications such as CRISC, CISA, ISO 27001 Lead Auditor/Implementer, or CISSP.
• Familiarity with ISO 27001, NIST CSF, and other international frameworks.
• Strong analytical and problem-solving skills with the ability to interpret complex regulatory texts.
• Effective communication and interpersonal skills, with experience engaging senior stakeholders and auditors.
• Experience working with compliance tools or GRC platforms is a plus.

• Act as the primary compliance liaison between the bank’s security function and regulatory bodies such as SAMA and NCA.
• Monitor and interpret all applicable regulatory and cybersecurity requirements (e.g., SAMA Cybersecurity Framework, NCA ECC, NCA CSF) and ensure alignment across security operations.
• Maintain and regularly update the compliance control matrix, ensuring that all controls are implemented, monitored, and documented.
• Coordinate internal compliance reviews, audits, and gap assessments to identify non-conformities or improvement areas.
• Support the development and periodic review of policies, procedures, and standards in line with regulatory updates and best practices.
• Track and report compliance status and risks to the Security Delivery Lead and bank stakeholders.
• Facilitate timely submission of mandatory reports, audit evidence, and self-assessments to SAMA or NCA.
• Assist in awareness and training sessions to educate technical and business stakeholders on compliance responsibilities.
• Work collaboratively with engineering teams to ensure regulatory compliance is considered in solution designs and operational processes.
• Drive remediation plans and ensure timely closure of audit findings or compliance gaps.