About the job
To join one of Saudi Aramco's Subsidiaries. This position requires full relocation to Saudi Arabia.
Job Title: Chief Information Officer
Location: Al Khafji, Saudi Arabia
Company: Saudi Aramco Subsidiary
Job Purpose
Oversees development and implementation of strategies to ensures that the risk to the organization’s ICS posed by a variety of cyber threats (cyber-attacks; theft or corruption from within; etc.) is minimized.
Job Dimensions and Business Metrics
- Leadership responsibilities include the overall direction, planning and evaluation of Cyber Security unit.
- Makes budgetary recommendations.
- Responsible for direct and indirect headcount management of 2+ full-time equivalent (FTE) employees.
- Highest level of confidentiality and access to information which unauthorized disclosure could be expected to have a severe or catastrophic adverse effect on organizational operations, organizational assets, or individuals.
- Decisions are made within policy parameters.
- Partially accountable for long-range operational planning in assigned areas
Key Accountabilities include the following. Other duties may be assigned as required.
- Oversees major security incidents, leads investigation, coordinates incident response / remediation activities, recommends required actions and supports / follows up to ensure these are implemented.
- Oversees technical vulnerability assessments of ICS systems and processes, identifying potential vulnerabilities, to make recommendations to control any risks identified and to ensure they are implemented.
- Oversees conduct of threat hunting, threat intelligence analysis and log analysis to proactively identify suspicious activities in the environment.
- Proactively identifies cyber security improvements and recommends appropriate control improvements.
- Oversee digital forensic investigations. Processes and analyses evidence in line with policy, standards and guidelines and supports production of forensics findings and reports.
- Oversees maintenance of security administration processes and checks that all requests for support are dealt with according to agreed procedures.
- Provides guidance in defining access rights and privileges.
- Oversee assessments and engagements with regulators and government entities.
- Oversees coordination and maintenance of service contracts and maintenance agreements for ICS services, Business network and Telecom systems.
- Acquires funds for the end-to-end unit's activities and manages assigned budget.
- Accountable for the overall direction, coordination, and evaluation of the managed unit.
- Strictly follows established environmental, health, safety and quality policies and procedures in order to guarantee employee safety, legislative compliance, delivery of high-quality products/services and a responsible environmental attitude.
- Advocates safety culture across the organization.
- Provides environmental, health, and safety leadership in maintaining a goal of zero incidents, process safety and environmental events within area of responsibility.
- Develops and implements operational excellence (OE) requirements within the assigned area, coaching staff in expectations to ensure compliance and continuous improvement.
- Undertakes accountabilities in the operational excellence process as set out in the schedule of responsibilities.
- Contributes to the processes of continuous improvement for the area managed and the organization more widely.
- Performs any other relevant task as directed by Executive Director Corporate Services.
Qualifications
To perform this job successfully, an individual must be able to perform each essential duty satisfactorily.
The requirements listed below are representative of the knowledge, skill, and/or ability required.
Education, Certificates, Licenses, Registrations and/or Experience
- 8 to 10 years related experience including 1-2 years at a supervisory level, covering IT Security,
- preferably in oil & gas sector organization.
- Academic background includes a minimum of a bachelor's degree in a relevant field.
- Hold Certified Information Systems Security Professional (CISSP) certification.