Overview
Manager Cybersecurity Compliance Jobs in Riyadh, Saudi Arabia at BSF
Title: Manager Cybersecurity Compliance
Company: BSF
Location: Riyadh, Saudi Arabia
The Manager Cybersecurity Compliance is responsible for ensuring the bank’s cybersecurity operations, policies, and controls align with applicable regulatory requirements and standards. This role focuses on maintaining compliance with the SAMA Cybersecurity Framework (SAMA CSF), NCA Essential Cybersecurity Controls (NCA ECC), and other relevant frameworks, including international standards where applicable. The manager will oversee regulatory audits, monitor compliance activities, and provide guidance to ensure the bank’s cybersecurity processes adhere to legal and regulatory obligations.
This role does not include cybersecurity governance responsibilities but focuses exclusively on managing and enforcing compliance-related activities within the cybersecurity function.
Key Responsibilities
1. Cybersecurity Regulatory Compliance
Ensure the bank’s cybersecurity operations comply with SAMA Cybersecurity Framework (SAMA CSF), NCA Essential Cybersecurity Controls (NCA ECC), and other local or international regulatory requirements.
Conduct regular reviews of cybersecurity processes, policies, and procedures to verify compliance with regulatory frameworks.
Coordinate with internal teams to ensure that security controls, processes, and technical measures align with compliance requirements.
Act as the primary point of contact for regulatory authorities, auditors, and external consultants regarding cybersecurity compliance matters.
2. Audit and Inspections
Prepare for and manage regulatory cybersecurity audits conducted by SAMA, NCA, or other authorities.
Facilitate internal and external audits, ensuring all required evidence and documentation is accurate and readily available.
Respond to audit findings and recommendations by developing and overseeing corrective action plans to address identified gaps or deficiencies.
Monitor the closure of audit findings and ensure timely remediation of non-compliance issues.
3. Compliance Monitoring and Reporting
Develop and maintain a cybersecurity compliance monitoring program to ensure adherence to regulatory requirements.
Conduct periodic compliance assessments and gap analyses to identify areas where cybersecurity operations may fall short of regulatory expectations.
Prepare detailed compliance reports for senior management, regulators, and auditors, summarizing the bank’s adherence to cybersecurity regulations.
Track compliance metrics and Key Performance Indicators (KPIs), such as the number of audit findings, time-to-remediation, and compliance coverage.
4. Awareness and Training
Provide training and guidance to cybersecurity staff on compliance requirements, regulatory updates, and audit preparation.
Ensure that all relevant stakeholders understand their roles and responsibilities related to cybersecurity compliance.
Promote a culture of regulatory awareness within the cybersecurity function to ensure all processes and activities meet compliance standards.
5. Risk-Based Compliance Management
Support the identification, assessment, and mitigation of compliance-related risks within the cybersecurity function.
Collaborate with the risk management team to align compliance activities with the bank’s broader risk management framework.
Ensure that compliance-related risks are identified during cybersecurity initiatives, including new projects and system implementations.
6. Regulatory Updates and Alignment
Stay updated on regulatory changes and new cybersecurity requirements issued by SAMA, NCA, and …