Skip Ribbon Commands
Skip to main content

Skip Navigation LinksQPViewVacancy


Job ID: DBC/15/001
Position Title: Head – Cyber Info & Security (Governance)
Business Division: Cyber & Information Security

Primary Purpose of the Job:

  • Manage the implementation, operation and maintenance, and continual improvement of the Information Security Management System.
  • Define, establish and maintain cyber and information security compliance, incident management methodologies and processes.
  • Leads the preparation and implementation of necessary information security policies, standards, procedures and guidelines in conjunction with adopted Information Security Management System and business requirements. 
  • Lead, manage, and guide the design and operation of related compliance monitoring and improvement activities to ensure adherence to internal security policies and applicable national laws and regulations.
  • Report business units' information security compliance and information security governance KPIs to information security management at regular intervals and communicate non-compliance practices.
  • Develop, maintain, and align Information security strategy and implementation to business strategy and objectives by maintaining information security roadmap for both corporate and critical operations.
  • Analyze Information security costs, benefits, strategy, policies and service levels.
  • Liaise with all Departments and Directorates to guarantee cyber and information security practices are adhered and performed.
  • Ensure organizational cyber and information security compliance objectives are achieved.    
  • Develop, maintain, and improve cyber and information security incident management process.


  • Bachelor degree in Information Security, Computer Science, or Systems Engineering.
  • Professional certifications in Information Security management and standards compliance (ISO27001 Lead Auditor/Implementer).
  • CISSP, CISM Certifications are mandatory.

Experience & Skills:

  • Preferably 15 years of relevant professional experience; with 7 years in a managerial role in a large enterprise.
  • Experience with large ICS & ICT environments in the Energy sector, preferably in Oil & Gas.
  • Experience with and understanding of customized information security management systems.
  • Knowledge of information security capabilities and requirements analysis.
  • Knowledge of relevant state laws, industry regulations, and security standards.
  • Excellent interpersonal coordination, negotiation, and expectation management skills.
  • Excellent written and verbal business communication skills.

Please note that only those applicants selected for interviews will be contacted.