SAUDI GOLD Refinery Co. تعلن عن وظيفة أخصائي أمن سيبراني في الرياض

Cybersecurity Specialist - Riyadh, Saudi Arabia

About Saudi Gold Refinery

Saudi Gold Refinery (SGR) is a Saudi mining and precious-metals company specialized in the refining of gold and precious metals, bullion production, and value-added precious-metal services. Operating within the Kingdom’s mining value chain, SGR is aligned to the Vision 2030 mining pillar and to the regulatory framework set by the Ministry of Industry and Mineral Resources (MIM) and applicable Saudi and international standards. We produce responsibly sourced, traceable, and certified bullion, operate to LBMA Good Delivery and ISO-aligned quality standards, and invest in the people, processes, and controls behind every bar we produce.

Role Overview

Saudi Gold Refinery (SGR) is seeking a Cybersecurity Specialist in Riyadh, Saudi Arabia to protect our digital infrastructure and sensitive geological data. This role secures the IT and operational technology systems supporting our exploration projects and refining operations. The specialist ensures compliance with National Cybersecurity Authority regulations and safeguards critical business information from cyber threats.

The Cybersecurity Specialist will report directly to the IT Manager and will play a key role in implementing security controls and monitoring threats. This position drives the technical execution of our cybersecurity strategy to support SGR’s growth and operational continuity.

Key Responsibilities

The Cybersecurity Specialist will perform the following duties to ensure the security and resilience of SGR’s information systems.

Security Monitoring

The role monitors security information and event management (SIEM) logs to detect and respond to potential threats in real time.

Incident Response

This position investigates security alerts and performs root cause analysis to prevent recurrence of incidents and minimize business impact.

Vulnerability Management

The specialist executes monthly vulnerability scans on all network assets and prioritizes remediation efforts based on risk severity.

Access Control

The role administers user accounts and access rights in Active Directory to enforce least-privilege principles for all employees.

Regulatory Compliance

This position ensures IT security practices align with National Cybersecurity Authority Essential Cybersecurity Controls and internal policies.

Security Training

The specialist delivers quarterly cybersecurity awareness sessions to employees covering phishing, password hygiene, and data protection.

Risk Assessment

The role conducts periodic risk assessments to identify gaps in security controls for IT and operational technology environments.

Vendor Security

This position reviews third-party vendor security postures to ensure supply chain risks are managed effectively and documented.

Qualifications

●       Bachelor’s degree in Computer Science, Information Technology, Cybersecurity, or a related field.

●       Minimum of three years of experience in cybersecurity operations, incident response, or vulnerability management.

●       Proven knowledge of network security protocols, firewalls, intrusion detection systems, and endpoint protection.

●       Experience with security information and event management (SIEM) tools and log analysis.

●       Familiarity with National Cybersecurity Authority (NCA) regulations and Saudi data protection laws.

●       Strong understanding of identity and access management principles and Active Directory administration.

●       Ability to communicate technical security concepts to non-technical stakeholders clearly and effectively.

●       Valid Saudi driving license and willingness to travel to exploration sites within the Kingdom as required.

Preferred / Nice-to-have

●       Experience securing operational technology (OT) or industrial control systems in mining or industrial environments.

●       Knowledge of cloud security principles for Azure or AWS environments.

●       Previous experience in the mining, refining, or natural resources sector.

●       Proficiency in Arabic language for local regulatory correspondence and staff training.

●       Certifications such as CompTIA Security+, CISSP, or CEH.

Success Metrics

●       Achieves full compliance with NCA Essential Cybersecurity Controls for all corporate IT systems within 12 months.

●       Reduces mean time to detect (MTTD) and mean time to respond (MTTR) to security incidents by 20 percent.

●       Completes quarterly vulnerability scans with 95 percent of critical vulnerabilities remediated within 30 days.

●       Implements multi-factor authentication for 100 percent of remote access users and privileged accounts.

●       Delivers cybersecurity awareness training to 100 percent of employees with a measurable reduction in phishing click rates.

●       Establishes a documented incident response plan and conducts two successful tabletop exercises with key stakeholders.

●       Maintains zero major security breaches resulting from unpatched known vulnerabilities.

Equal Opportunity Statement:

Saudi Gold Refinery welcomes applications from all qualified candidates. Hiring decisions are made based on role requirements, skills, experience, and alignment with Saudization and Vision 2030 priorities.

How to Apply

If this sounds like the right opportunity for you, we'd love to hear from you. Please apply through the following link:

https://sgr.careers-page.com/jobs/fd2a49c3-57db-449e-ba13-6252e1197235