Job Purpose

We are looking to hire Manager, Information Security,

This job role is to ensure The position holder is responsible for overseeing the development, implementation, and management of the information security strategy. This role ensures the protection of IMI digital assets by maintaining the cybersecurity program that safeguards information, systems, and networks from cyber threats. Leads efforts to evaluate and mitigate risks, enforce compliance with cybersecurity standards, and develop strategies to enhance security posture across IMI. The position holder plays a critical role in driving security awareness, providing expert guidance on cybersecurity matters, and leading responses to security incidents, ensuring continuity of operations. This position is pivotal in leading cybersecurity initiatives, integrating security requirements into business processes, and ensuring that security controls are embedded in IT and OT infrastructures. This role includes overseeing security operations center activities, identity and access management, governance, risk and compliance, and vulnerability management to ensure alignment with the National Cybersecurity Authority standards.

Key Accountabilities & Working Relationships

Key Accountabilities:

The Manager, Information Security who will be responsible for but not limited to:

• Leads the development and execution of cybersecurity programs, ensuring alignment with IMI’s strategic goals and National Cybersecurity Authority’s standards.

• Oversees security operations center and threat monitoring to ensure 24/7 monitoring of security events, prompt incident response, and the identification of potential threats.

• Manages the identity and access management practices to ensure appropriate access controls are in place, including user authentication, authorization, and role-based access to sensitive data and systems.

• Leads the development and maintenance of cybersecurity policies, procedures, and standards, ensuring compliance with National Cybersecurity Authority regulations.

• Directs vulnerability assessments, penetration tests, and security audits, and provide remediation strategies for identified vulnerabilities.

• Manages risk assessments efforts across IT and operational systems to identify and mitigate potential security risks and provide reports and recommendations to senior management

• Leads incident response efforts, ensuring effective containment, investigation, and recovery from cybersecurity incidents.

• Works closely with IT and business functions to embed security best practices into operational workflows and projects.

• Collaborates with external vendors, partners, and government agencies on security initiatives and compliance matters.

• Promotes a culture of security awareness by developing and delivering training programs that educate employees on cybersecurity risks, threats, and best practices.

• Coaches, mentors, and develops junior talents within the information security team, fostering a culture of continuous improvement and professional growth.

• Remains informed of the latest cybersecurity technologies and regulatory requirements to enhance IMI’s cybersecurity efforts.

Working Relationships:

Internal Interactions: 

• Frequent interaction with technical, professional, and management personnel across various functions to ensure the successful execution of cybersecurity programs.

• Regular presentations to senior management to provide updates on progress and strategic direction.

External Interactions:

• Regular contact with industry professionals, external vendors, and strategic partners to exchange knowledge, share experiences, and integrate best practices into IMI’s cybersecurity efforts.

Who we are looking for

Education:

• Bachelor’s degree in IT, Computer Science, Computer Engineering, Electrical Engineering, Engineering, Cybersecurity, or equivalent.

Experience:

• At least 15-20 years of professional experience, including at least 5 years of experience as a managerial level with full responsibility for supervising major cybersecurity programs.

Professional Qualifications (Certifications & Accreditations):

• CISSP or CISM are required.

• Relevant industry certifications such as, CISA, CEH, ITIL, CCNA, CCNP, or equivalent are recommended.

Competencies (Knowledge, Skills & Abilities):

• Excellent analytical, leadership, and communication skills, with the ability to manage workload under tight deadlines.

• Strong decision-making and problem-solving capabilities with experience in handling cybersecurity incidents.

• Demonstrated ability to collaborate effectively across functions and with external stakeholders.

• Proven ability to manage large-scale cybersecurity programs in an industrial setting, from program development to execution.

Languages:

• English. (Mandatory)

• Arabic / Others (desirable)