CS Risk & Cyber Resilience Principle Expert

Job PurposeThe role holder is responsible for maintaining the risk register, identifying cybersecurity risks, and ensuring mitigation plans. They will oversee risk treatment, evaluate threats and controls, develop threat models, and ensure disaster recovery and business continuity plans include cybersecurity. The role holder shall carry out their duties in accordance with the stipulated business policies and procedures.Job ResponsibilityMaintain risk register and ensure identifying cybersecurity risksReview risk register and ensure an appropriate mitigation plan is in placeEnsure risk treatment plans are implemented in alignment with approved plansEnsure escalation of inherent inherent risks to ERM for business escalation and acceptanceEvaluate business impact of sensitive or critical business information associated with target environmentsEvaluate threats and related risks to target environments and oversee collection of information on business applications to identify risksEvaluate cybersecurity controls effectiveness and adequacy for risk treatmentDevelop and maintain Threat Modeling, and associated risk scenariosEnsure Cyber Resilience team updates the framework update according to attacks and in alignment to the framework guidelines on the frameworkEnsure disaster recovery plans and business continuity management teams include CS in their events and account for CS attacksOversee CS Resilience trainings and plans and support in developing themJob Responsibility (cont.)Prepare test plan (incl. plans for the review process and run-throughs) and perform tests and verification against detailed applications & infrastructure CS BC/DR Requirements in alignment with GD RiskMaintain and develop stc KSA Cyber Resilience process, plans in alignment with BCM and BU partnersReview CS resilience of CS DR controls and coordinate response to continuity and recover responses to cyber breaches and incidents in alignment with GD Risk.Evaluate CS systems operations performance and perform the required technical assessment to assure capturing any potential security risk and works with the owners to mitigate the highlighted risksOversee the development of CS Risk methodology and communicate it with stc group subsidiariesManage the development of the guidelines for stc group subsidiaries in alignment with CS GRC frameworksEnsure full alignment with CS Governance and any relevant function in regard to CS Risk and Cyber Resilience frameworksEnsure proper alignment with CSDG Enablement in regard to any topic require sharing with the stc group subsidiariesYears Of ExperienceA minimum of 8 yearsNature Of ExperienceRelated experience in leading the Cyber Security function for a large organization preferably within the telecom industryJob BandSTP- Similar Director ManagerSkillsEducationBachelor Degree in Computer Science or Information TechnologyAdditional EducationCertifications