Cybersecurity Manager

JOB PURPOSE: 

The Cybersecurity Manager is responsible for the strategic design, implementation, and continuous maturation of the company’s cybersecurity posture across all business units. This role oversees local security operations, leads the in-house Security Operations Center (SOC), ensuring compliance with ISO 27001 certification and ensuring alignment with recognized security frameworks (NIST CSF). By leading Governance, Risk, and Compliance (GRC) initiatives and fostering cross-functional partnerships with IT and Digital teams, the Manager ensures the resilience of the organization’s digital ecosystem against emerging threats.

RESPONSIBILITIES/DUTIES 

Cybersecurity Governance & Strategy 

•Develop and execute the company-wide cybersecurity strategy in alignment with organizational objectives. 

•Design, maintain, and enforce a robust suite of security policies, standards, and procedures based on ISO 27001 and NIST CSF to ensure operational consistency.

•Drive the end-to-end ISO 27001 certification lifecycle, including initial gap analysis, control implementation, and final readiness audits.

•Establish a high-maturity GRC ecosystem to centralize risk management, regulatory compliance, and corporate security governance.

Security Operations & SOC Management 

•Provide strategic direction and technical mentorship to the SOC team, fostering a culture of continuous learning and incident excellence.

•Standardize SOC workflows—including SIEM tuning, threat hunting, alert triage, and incident response—to meet or exceed industry benchmarks.

•Develop and present high-level SOC performance metrics, and KPI dashboards to senior management and relevant stakeholders.

Technical Security Oversight 

•Direct the deployment and lifecycle management of advanced security solutions, including Firewalls, EDR/XDR, IDS/IPS, IAM, and Endpoint Protection. 

•Coordinate comprehensive vulnerability scans, penetration tests, ensuring prioritized remediation based on business impact. 

•Mandate and audit secure configuration standards and "Security by Design" principles across cloud infrastructure, and business applications.

Cybersecurity Risk Management

•Lead enterprise-level cybersecurity risk assessments to identify, evaluate, and mitigate potential threats, maintaining a dynamic and actionable Risk Register. 

•Define and oversee the security vetting process for vendors and third-party partners.

Awareness, Training & Culture

•Champion a security-first culture through the design and delivery of a comprehensive cybersecurity awareness program. 

•Manage phishing simulations and targeted training campaigns to reduce the organization’s human-risk surface.

Compliance, Audit & Reporting 

•Act as the primary liaison for internal and external auditors, ensuring the integrity of evidence for ISO 27001 and regulatory audits. 

•Continuously monitor the legal and regulatory landscape to ensure organizational compliance with data protection and cybersecurity mandates. 

Safety Responsibilities

•Promote a positive safety culture within the workplace and attend any safety-related meetings or briefings as required within the job role.

•Comply with the requirements of RDMC RQHSE Policy and Safety Management System.

•Be mindful that Safety, Security, and Environmental protection are everyone’s responsibility. All staff members are accountable for reporting and intervening in any Safety, Security, or Environmental violations.

ESSENTIAL QUALIFICATIONS, KNOWLEDGE & EXPERIENCE

QUALIFICATIONS:

•Bachelor’s degree in Computer Science, Business Information Systems, Information Security or a related field (required).

•CISSP, CISM, or CISA certifications are preferred. 

•ISO 27001 Lead Implementer or Lead Auditor is preferred.

•ITIL Foundation is a plus.

•Fluent in English and Arabic, French is a plus.

KNOWLEDGE:

•Advanced understanding of network security, cloud security, cryptography, and application security.

•Strong knowledge of ISO 27001, NIST Cybersecurity Framework, and GRC practices.

EXPERIENCE:

•10+ years of experience in Cybersecurity roles, with at least 3 years in team leadership.

•Proven experience managing SOC operations and security engineering team.

•Strong track record of cross-functional collaboration and stakeholder engagement.

DESIRED BEHAVIORS & EXPERIENCES

•Influence & Engagement: Builds strong relationships and effectively engages with cross-functional stakeholders to achieve alignment and buy-in.

•Analytical Thinking: Evaluates complex problems, interprets data effectively, and makes sound decisions based on insights.

•Execution Excellence: Delivers high-quality outcomes on time, manages multiple priorities, and ensures effective follow-through.

•Change Agility: Adapts quickly to evolving needs, leads change with confidence, and helps others navigate transitions smoothly.

•Communication: Expresses ideas clearly and professionally, prepares impactful documentation, and engages effectively with diverse audiences.

•Collaboration: Promotes teamwork, shares knowledge openly, and supports others to achieve common goals.

•Attention to Detail: Maintains accuracy and consistency in documentation, reporting, and system configurations.

•Accountability: Demonstrates ownership, responsibility, and reliability in delivering on objectives.

•Resilience: Remains composed under pressure, solves problems calmly, and stays focused on long-term results.